Falhas do tipo CWE-862

6.908 resultados
CVE-2023-4105LOWAttachment of deleted message in a thread remains accessible and downloadable EPSS 0.3%CVE-2024-34444HIGHWordPress Slider Revolution plugin < 6.7.0 - Unauthenticated Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-32210MEDIUMWordPress CM Registration and Invitation Codes plugin <= 2.5.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-26741HIGHWordPress Email Notifications for Updates <= 1.1.6 - Privilege Escalation VulnerabilityEPSS 0.3%CVE-2025-13468MEDIUMSourceCodester Alumni Management System Delete admin_class.php delete_event authorizationEPSS 0.3%CVE-2025-22694MEDIUMWordPress Hide Shipping Method For WooCommerce plugin <= 1.5.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-2876MEDIUMMelaPress Login Security and MelaPress Login Security Premium 2.1.0 - Missing Authorization to Unauthenticated Arbitrary User DeletionEPSS 0.3%CVE-2024-56007MEDIUMWordPress Leader plugin <= 2.6.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-25083HIGHGROWI OpenAI thread/message API endpoints do not perform authorization. Affected are v7.4.5 and earlier versions. A logged-in user who knowsEPSS 0.3%CVE-2026-56767HIGHMaxun < 0.0.42 - Cross-Tenant IDOR in Storage and Webhook API HandlersEPSS 0.3%CVE-2025-39533HIGHWordPress Starfish Review Generation & Marketing plugin <= 3.1.19 - Privilege Escalation vulnerabilityEPSS 0.3%CVE-2025-22681MEDIUMWordPress Content Cloner plugin <= 1.0.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-58600MEDIUMWordPress Paid Member Subscriptions Plugin <= 2.15.9 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-22729MEDIUMWordPress VOD Infomaniak plugin <= 1.5.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-41805MEDIUMBroken Access Control vulnerability in multiple Brainstorm Force pluginsEPSS 0.3%CVE-2024-11133MEDIUMEventer <= 3.9.9.5 - Missing Authorization to Unauthenticated Event Ticket DownloadEPSS 0.3%CVE-2023-45271MEDIUMWordPress ProductX – Gutenberg WooCommerce Blocks plugin <= 2.7.8 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-26995MEDIUMWordPress Market Exporter plugin <= 2.0.21 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-10527LOWSpacer <= 3.0.7 - Missing Authorization to Authenticated (Subscriber+) Limited Information DisclosureEPSS 0.3%CVE-2024-6799MEDIUMYITH Essential Kit for WooCommerce #1 <= 2.34.0 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Install, Activation, and DeactivationEPSS 0.3%