Falhas do tipo CWE-862

6.917 resultados
CVE-2024-24718MEDIUMWordPress PropertyHive plugin <= 2.0.6 - Missing Authorization to Non-Arbitrary Plugin Installation vulnerabilityEPSS 0.3%CVE-2024-12327MEDIUMLazyLoad Background Images <= 1.0.7 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings UpdateEPSS 0.3%CVE-2023-47756MEDIUMWordPress Welcome Email Editor plugin <= 5.0.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-38744HIGHWordPress Plum: Spin Wheel & Email Pop-up plugin <= 2.0 - Broken Access Control to Unauth Stored XSS vulnerabilityEPSS 0.3%CVE-2025-31896MEDIUMWordPress GetBookingsWP Plugin <= 1.1.27 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2021-4444HIGHProduct Filter by WooBeWoo <= 1.4.9 - Missing AuthorizationEPSS 0.3%CVE-2024-42376MEDIUMMultiple Missing Authorization Check vulnerabilities in SAP Shared Service FrameworkEPSS 0.3%CVE-2025-43011HIGHMissing Authorization Check in SAP Landscape Transformation (PCL Basis)EPSS 0.3%CVE-2026-1656MEDIUMBusiness Directory Plugin <= 6.4.20 - Missing Authorization to Unauthenticated Arbitrary Listing ModificationEPSS 0.3%CVE-2025-31868MEDIUMWordPress JS Job Manager plugin <= 2.0.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-31862MEDIUMWordPress Job Board Manager Plugin <= 2.1.61 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-31746MEDIUMWordPress Clients plugin <= 1.1.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-31739MEDIUMWordPress Minimalistic Event Manager plugin <= 1.1.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-6590MEDIUMSpreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce & Most Popular Form Plugins. Also, Display Google sheet as a Table. <= 3.8.0 - Missing Authorization to Authenticated (Subscriber+) Settings UpdateEPSS 0.3%CVE-2025-3871MEDIUMBroken Access Control Leads to Limited Denial of Service in GoAnywhere MFT 7.8.0 and earlierEPSS 0.3%CVE-2025-13754MEDIUMAppointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.9.16 - Missing Authorization to Unauthenticated Sensitive Information ExposureEPSS 0.3%CVE-2024-11496MEDIUMInfility Global <= 2.9.8 - Authenticated (Subscriber+) Missing Authorization to Plugin Options UpdateEPSS 0.3%CVE-2025-31870MEDIUMWordPress WP AutoKeyword plugin <= 1.0 - Arbitrary Content Deletion vulnerabilityEPSS 0.3%CVE-2026-30970HIGHSession authentication bypass in Coral Server session creation endpointEPSS 0.3%CVE-2024-5382MEDIUMMaster Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor <= 2.0.6.1 - Missing Authorization to MA Template Creation or ModificationEPSS 0.3%