Falhas do tipo CWE-862

6.878 resultados
CVE-2024-37456MEDIUMWordPress Simple Newsletter Plugin – Noptin plugin <= 3.4.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-37207MEDIUMWordPress Demo Awesome plugin <= 1.0.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-37926MEDIUMWordPress WP Accessibility Helper (WAH) plugin <= 0.6.2.9 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-43219MEDIUMWordPress Persian WooCommerce plugin <= 7.1.6 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-3609MEDIUMReviewX – Multi-criteria Rating & Reviews for WooCommerce <= 1.6.27 - Missing AuthorizationEPSS 0.4%CVE-2021-24790Contact Form Advanced Database <= 1.0.8 - Unauthorised AJAX CallsEPSS 0.4%CVE-2024-20442MEDIUMCisco Nexus Dashboard Unauthorized API Endpoints VulnerabilityEPSS 0.4%CVE-2025-66735HIGHyoulai-boot V2.21.1 is vulnerable to Incorrect Access Control. The getRoleForm function in SysRoleController.java does not perform permissioEPSS 0.4%CVE-2022-3337MEDIUMLock WARP switch bypass by removing VPN profile on iOS mobile clientEPSS 0.4%CVE-2026-11807CRITICALEda-server: websocket missing authorization allows credential theft via activation_id spoofingEPSS 0.4%CVE-2022-3321MEDIUMLock WARP switch feature bypass on WARP mobile client for iOSEPSS 0.4%CVE-2024-21417HIGHWindows Text Services Framework Elevation of Privilege VulnerabilityEPSS 0.4%CVE-2023-52183MEDIUMWordPress WordPress Backup & Migration plugin <= 1.4.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-2494MEDIUMGo Pricing - WordPress Responsive Pricing Tables <= 3.3.19 - Missing Authorization to Limited Privilege GrantingEPSS 0.4%CVE-2024-34815MEDIUMWordPress Import and export users and customers plugin <= 1.26.5 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-39995MEDIUMWordPress Portfolio and Projects plugin <= 1.3.7 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2022-41695MEDIUMWordPress Traffic Manager Plugin <= 1.4.5 is vulnerable to Broken Access ControlEPSS 0.4%CVE-2024-2036MEDIUMApplyOnline – Application Form Builder and Manager <= 2.6.2 - Missing Authorization to Sensitive Information ExposureEPSS 0.4%CVE-2024-22272MEDIUMVMware Cloud Director contains an Improper Privilege Management vulnerability. An authenticated tenant administrator for a given organizEPSS 0.4%CVE-2023-3204MEDIUMMaterialis <= 1.1.24 - Missing Authorization to Limited Arbitrary Options UpdateEPSS 0.4%