Falhas do tipo CWE-862

6.928 resultados
CVE-2025-0935MEDIUMMedia Library Folders <= 8.3.0 - Missing Authorization to Plugin Settings ChangeEPSS 0.3%CVE-2024-13639MEDIUMRead More & Accordion <= 3.4.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary 'Read More' Post DeletionEPSS 0.3%CVE-2023-46195MEDIUMWordPress Headline Analyzer plugin <= 1.3.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-1325MEDIUMWP-Recall – Registration, Profile, Commerce & More <= 16.26.10 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Shortcode ExeuctionEPSS 0.3%CVE-2024-6392MEDIUMImage Optimizer, Resizer and CDN – Sirv <= 7.2.7 - Authenticated(Subscriber+) Missing Authorization to Plugin Settings UpdateEPSS 0.3%CVE-2024-56271MEDIUMWordPress WP SecureSubmit plugin <= 1.5.20 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-10029MEDIUMEvent Koi Lite <= 1.3.13.1 - Missing Authorization to Unauthenticated Sensitive Information Exposure via REST API EndpointsEPSS 0.3%CVE-2023-36000MEDIUMITM Server Missing Authorization for Agent ConfigEPSS 0.3%CVE-2024-7721MEDIUMHTML5 Video Player – mp4 Video Player Plugin and Block <= 2.5.34 - Missing Authorization to Authenticated (Subscriber+) Limited Options UpdateEPSS 0.3%CVE-2023-4106MEDIUMA guest user can perform various actions on public playbooksEPSS 0.3%CVE-2026-49072MEDIUMWordPress WooCommerce Anti-Fraud plugin <= 7.2.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-43260MEDIUMWordPress Clearfy Cache plugin <= 2.2.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-46607MEDIUMWordPress WP iCal Availability plugin <= 1.0.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-0572MEDIUMWebPurify Profanity Filter <= 4.0.2 - Missing Authorization to Unauthenticated Plugin Settings Change via webpurify_save_optionsEPSS 0.3%CVE-2025-67956HIGHWordPress User Registration plugin <= 4.4.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-2890HIGHFormidable Forms <= 6.28 - Missing Authorization to Unauthenticated Payment Integrity Bypass via PaymentIntent ReuseEPSS 0.3%CVE-2025-4179HIGHFlynax Bridge <= 2.2.0 - Unauthenticated Limited Privilege EscalationEPSS 0.3%CVE-2026-42461HIGHArcane Vulnerable to Unauthenticated Disclosure of Custom Compose Template Content (incl. `.env` secrets)EPSS 0.3%CVE-2026-1748MEDIUMInvoct – PDF Invoices & Billing for WooCommerce <= 1.6 - Missing Authorization to Authenticated (Subscriber+) Information ExposureEPSS 0.3%CVE-2025-7772MEDIUMMalcure Malware Scanner — #1 Toolset for WordPress Malware Removal <= 16.8 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File ReadEPSS 0.3%