Falhas do tipo CWE-862

6.909 resultados
CVE-2023-47761MEDIUMWordPress Simple 301 Redirects by BetterLinks plugin <= 2.0.7 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-49350MEDIUMWordPress Actionwear products sync plugin <= 2.3.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-47838MEDIUMWordPress Conditional Fields for Contact Form 7 plugin <= 2.4.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-47793MEDIUMWordPress Acme Fix Images plugin <= 1.0.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-43134MEDIUMWordPress Waitlist Woocommerce plugin <= 2.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-46444HIGHFlowise: Vector Store No Permission ChecksEPSS 0.3%CVE-2025-57949MEDIUMWordPress Ongkoskirim.id Plugin <= 1.0.6 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-14757MEDIUMCost Calculator Builder <= 3.6.9 - Missing Authorization to Unauthenticated Payment Status BypassEPSS 0.3%CVE-2026-2633MEDIUMGutenberg Blocks with AI by Kadence WP <= 3.6.1 - Missing Authorization to Authenticated (Contributor+) Unauthorized Media UploadEPSS 0.3%CVE-2025-2267MEDIUMWP01 – Speed, Security, SEO consultant <= 2.6.2 - Authenticated (Subscriber+) Arbitrary File DownloadEPSS 0.3%CVE-2023-36509MEDIUMWordPress CHP Ads Block Detector plugin <= 3.9.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-12027MEDIUMMessage Filter for Contact Form 7 <= 1.6.3 - Missing Authorization to Authenticated (Subscriber+) Filter Updates/DeletionsEPSS 0.3%CVE-2025-10299HIGHWPBifröst – Instant Passwordless Temporary Login Links <= 1.0.7 - Missing Authorization to Authenticated (Subscriber+) Privilege EscalationEPSS 0.3%CVE-2025-31415HIGHWordPress YayExtra <= 1.5.2 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2024-12596MEDIUMLifterLMS – WP LMS for eLearning, Online Courses, & Quizzes <= 7.8.5 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post DeletionEPSS 0.3%CVE-2025-27583CRITICALIncorrect access control in the component /rest/staffResource/findAllUsersAcrossOrg of Serosoft Solutions Pvt Ltd Academia Student InformatiEPSS 0.3%CVE-2024-8678MEDIUMRevolut Gateway for WooCommerce <= 4.17.3 - Missing Authorization to Unauthenticated Order Status UpdateEPSS 0.3%CVE-2024-9705MEDIUMUltimate Coming Soon & Maintenance <= 1.0.9 - Missing Authorization to Authenticated (Subscriber+) Template Name UpdateEPSS 0.3%CVE-2021-0642MEDIUMIn onResume of VoicemailSettingsFragment.java, there is a possible way to retrieve a trackable identifier without permissions due to a missiEPSS 0.3%CVE-2025-49376MEDIUMWordPress DELUCKS SEO plugin <= 2.5.9 - Broken Access Control vulnerabilityEPSS 0.3%