Falhas do tipo CWE-862

6.889 resultados
CVE-2024-7894MEDIUMIf Menu <= 0.19.1 - Missing Authorization to License Key UpdateEPSS 0.4%CVE-2025-59011HIGHWordPress Traveler Theme < 3.2.3 - Arbitrary Content Deletion VulnerabilityEPSS 0.4%CVE-2022-45811MEDIUMWordPress Post Teaser plugin <= 4.1.5 - Auth. Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-35720MEDIUMWordPress Album Gallery – WordPress Gallery plugin <= 1.5.7 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-12341MEDIUMCustom Skins Contact Form 7 <= 1.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Update and Skin CreationEPSS 0.4%CVE-2024-35726MEDIUMWordPress WooBuddy plugin <= 3.4.19 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-31252MEDIUMWordPress Responsive Lightbox & Gallery plugin <= 2.4.6 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-35725MEDIUMWordPress LA-Studio Element Kit for Elementor plugin <= 1.3.6 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-35669MEDIUMWordPress Debug Log Manager plugin <= 2.3.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-47771HIGHWordPress Essential Grid plugin <= 3.0.18 - Multiple Authenticated Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-35721MEDIUMWordPress Image Gallery plugin <= 1.4.5 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-47783HIGHWordPress Thrive Theme Builder theme < 3.24.0 - Multiple Authenticated Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-12845HIGHTablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent 0.5.4 - 1.2.1 - Missing Authorization to Authenticated (Subscriber+) Information Exposure and Privilege EscalationEPSS 0.4%CVE-2024-35722MEDIUMWordPress Slider Responsive Slideshow – Image slider, Gallery slideshow plugin <= 1.4.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-9706MEDIUMUltimate Coming Soon & Maintenance <= 1.0.9 - Missing Authorization to Unauthenticated Template ActivationEPSS 0.4%CVE-2026-4362MEDIUMElementsKit Elementor Addons <= 3.8.2 - Missing Authorization to Unauthenticated Widget Content OverwriteEPSS 0.4%CVE-2023-51495MEDIUMWordPress WooCommerce Warranty Requests plugin <= 2.2.7 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-13423MEDIUMSparkling <= 2.4.9 - Missing Authorization to Unauthenticated Arbitrary Plugin Activation/DeactivationEPSS 0.4%CVE-2023-48280HIGHWordPress Consensu.io plugin <= 1.0.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-45104HIGHWordPress BetterLinks plugin <= 1.6.0 - Broken Access Control vulnerabilityEPSS 0.4%