Falhas do tipo CWE-862

6.880 resultados
CVE-2024-3626MEDIUMEmail Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce <= 5.7.17 - Missing AuthorizationEPSS 0.4%CVE-2024-22272MEDIUMVMware Cloud Director contains an Improper Privilege Management vulnerability. An authenticated tenant administrator for a given organizEPSS 0.4%CVE-2026-8495CRITICALDate iCal - Critical - Information disclosure - SA-CONTRIB-2026-037EPSS 0.4%CVE-2023-39995MEDIUMWordPress Portfolio and Projects plugin <= 1.3.7 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2022-41695MEDIUMWordPress Traffic Manager Plugin <= 1.4.5 is vulnerable to Broken Access ControlEPSS 0.4%CVE-2023-3204MEDIUMMaterialis <= 1.1.24 - Missing Authorization to Limited Arbitrary Options UpdateEPSS 0.4%CVE-2025-14947MEDIUMAll-in-One Video Gallery <= 4.6.4 - Missing Authorization to Unauthenticated Bunny Stream Video Creation/DeletionEPSS 0.4%CVE-2026-28217MEDIUMIDOR in GraphQL userCollection Query Exposes Other Users' Private CollectionsEPSS 0.4%CVE-2023-2494MEDIUMGo Pricing - WordPress Responsive Pricing Tables <= 3.3.19 - Missing Authorization to Limited Privilege GrantingEPSS 0.4%CVE-2024-8552MEDIUMDownload Monitor <= 5.0.9 - Missing Authorization to Authenticated (Subscriber+) Shop EnableEPSS 0.4%CVE-2026-26358HIGHDell Unisphere for PowerMax, version(s) 10.2, contain(s) a Missing Authorization vulnerability. A low privileged attacker with remote accessEPSS 0.4%CVE-2024-3237MEDIUMConvertPlug <= 3.5.25 - Missing Authorization to Authenticated (Subscriber+) Limited Arbitrary Options UpdateEPSS 0.4%CVE-2024-21630MEDIUMZulip non-admins can invite new users to streams they would not otherwise be able to add existing users toEPSS 0.4%CVE-2024-34799MEDIUMWordPress BookingPress plugin <= 1.0.82 - Appointment Duration Manipulation vulnerabilityEPSS 0.4%CVE-2024-50424MEDIUMWordPress Templately plugin <= 3.1.5 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-5459MEDIUMRestaurant Menu and Food Ordering <= 2.4.16 - Missing Authorization to Menu CreationEPSS 0.4%CVE-2023-29173MEDIUMWordPress Product Category Tree plugin <= 2.5 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-10854MEDIUMBuy one click WooCommerce <= 2.2.9 - Missing Authorization to Authenticated (Subscriber+) Settings ImportEPSS 0.4%CVE-2025-31628MEDIUMWordPress Sliced Invoices plugin <= 3.10.0 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.4%CVE-2025-31866MEDIUMWordPress ShipDepot for WooCommerce plugin <= 1.2.19 - Broken Access Control vulnerabilityEPSS 0.4%