Falhas do tipo CWE-862

6.946 resultados
CVE-2025-31555MEDIUMWordPress ContentMX Content Publisher plugin <= 1.0.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-14043MEDIUMTainacan <= 1.0.1 - Missing Authorization to Unauthenticated Arbitrary Metadata Section CreationEPSS 0.3%CVE-2023-51537MEDIUMWordPress Awesome Support plugin <= 6.1.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-31856MEDIUMWordPress Export All Post Meta Plugin <= 1.2.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-2821MEDIUMSearch Exclude <= 2.4.9 - Missing Authorization to Unauthenticated Plugin Settings ModificationEPSS 0.3%CVE-2025-26955MEDIUMWordPress Industrial Lite theme <= 1.0.8 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-62927MEDIUMWordPress Nelio Content plugin <= 4.0.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-4038CRITICALAimogen Pro <= 2.7.5 - Unauthenticated Privilege Escalation via Arbitrary Function CallEPSS 0.3%CVE-2025-69134HIGHWordPress OpenAI Chatbot for WordPress – Helper plugin <= 1.1.4 - Arbitrary Content Deletion vulnerabilityEPSS 0.3%CVE-2026-1897MEDIUMWeKan Position-History Tracking positionHistory.js PositionHistoryBleed authorizationEPSS 0.3%CVE-2025-67540MEDIUMWordPress Animation Addons for Elementor plugin <= 2.4.5 - Arbitrary Content Deletion vulnerabilityEPSS 0.3%CVE-2026-3432CRITICALSim Studio AI - Unauthenticated OAuth Token TheftEPSS 0.3%CVE-2025-3257MEDIUMxujiangfei admintwo updateSet cross-site request forgeryEPSS 0.3%CVE-2024-56225MEDIUMWordPress Premium Addons for Elementor plugin <= 4.10.56 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-65098HIGHTypebot Vulnerable to Credential Theft via Client-Side Script Execution and API Authorization BypassEPSS 0.3%CVE-2026-3601MEDIUMUser Registration & Membership <= 5.1.4 - Missing Authorization to Authenticated (Contributor+) Limited Page Content ModificationEPSS 0.3%CVE-2025-64214HIGHWordPress MasterStudy LMS Pro plugin < 4.7.16 - Arbitrary Content Deletion vulnerabilityEPSS 0.3%CVE-2023-48758HIGHWordPress JetEngine plugin <= 3.2.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-37505MEDIUMWordPress Business One Page theme <= 1.2.9 - Broken Access Control on Notice Dismissal vulnerabilityEPSS 0.3%CVE-2025-63069MEDIUMWordPress Ivory Search plugin <= 5.5.12 - Broken Access Control vulnerabilityEPSS 0.3%