Falhas do tipo CWE-862

6.929 resultados
CVE-2023-46607MEDIUMWordPress WP iCal Availability plugin <= 1.0.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-64684MEDIUMIn JetBrains YouTrack before 2025.3.104432 information disclosure was possible via the feedback formEPSS 0.3%CVE-2026-42461HIGHArcane Vulnerable to Unauthenticated Disclosure of Custom Compose Template Content (incl. `.env` secrets)EPSS 0.3%CVE-2024-37363MEDIUMHitachi Vantara Pentaho Business Analytics Server - Incorrect AuthorizationEPSS 0.3%CVE-2024-32713MEDIUMWordPress AI Post Generator | AutoWriter plugin <= 3.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-22385MEDIUMAn issue was discovered in Optimizely Configured Commerce before 5.2.2408. For newly created accounts, the Commerce B2B application does notEPSS 0.3%CVE-2025-30909MEDIUMWordPress Conversios.io plugin <= 7.2.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-30959MEDIUMWordPress Product XML Feed Manager for WooCommerce <= 2.9.2 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2022-2382Product Slider for WooCommerce < 2.5.7 - Subscriber+ Arbitrary Options DeletionEPSS 0.3%CVE-2026-33159MEDIUMCraft CMS: Unauthenticated users could execute project configuration sync operations that should be restricted trusted usersEPSS 0.3%CVE-2025-58616MEDIUMWordPress Frisbii Pay Plugin <= 1.8.2.1 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2024-1218MEDIUMContact Form builder with drag & drop for WordPress – Kali Forms <= 2.3.41 - Missing AuthorizationEPSS 0.3%CVE-2022-2389Automations By Autonami < 2.1.2 - Subscriber+ Automation CreationEPSS 0.3%CVE-2025-26773MEDIUMWordPress Analytify plugin <= 5.5.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-33636MEDIUMWordPress WP Page Post Widget Clone plugin <= 1.0.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2022-2377Directorist < 7.3.0 - Subscriber+ Arbitrary E-mail SendingEPSS 0.3%CVE-2025-31820MEDIUMWordPress Automatic Featured Images from Videos plugin <= 1.2.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-1926MEDIUMSubscriptions for WooCommerce <= 1.9.2 - Missing Authorization to Unauthenticated Arbitrary Subscription CancellationEPSS 0.3%CVE-2025-2816HIGHPage View Count 2.8.0 - 2.8.4 - Missing Authorization to Authenticated (Subscriber+) Limited Options UpdateEPSS 0.3%CVE-2026-9619MEDIUMReviews and Rating <= 1.1.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Modification via sync_reviews AJAX ActionEPSS 0.3%