Falhas do tipo CWE-862

7.018 resultados
CVE-2025-11742MEDIUMWPC Smart Wishlist for WooCommerce <= 5.0.4 - Missing Authorization to Authenticated (Subscriber+) Information ExposureEPSS 0.3%CVE-2025-14782MEDIUMForminator Forms – Contact Form, Payment Form & Custom Form Builder <= 1.49.1 - Missing Authorization to Authenticated (Forminator User+) CSV ExportEPSS 0.3%CVE-2024-39596MEDIUM[CVE-2024-39596] Missing Authorization check vulnerability in SAP Enable NowEPSS 0.3%CVE-2025-14339MEDIUMweMail <= 2.0.7 - Missing Authorization to Unauthenticated Form DeletionEPSS 0.3%CVE-2025-49287MEDIUMWordPress Product Feed for WooCommerce plugin <= 2.2.8 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-0068MEDIUMMissing Authorization check in Remote Function Call (RFC) in SAP NetWeaver Application Server ABAPEPSS 0.3%CVE-2024-10536MEDIUMFancyPost – Best Ultimate Post Block, Post Grid, Layouts, Carousel, Slider For Gutenberg & Elementor <= 6.0.0 - Missing Authorization to Authenticated (Subscriber+) Shortcode ExportEPSS 0.3%CVE-2025-69063HIGHWordPress New User Approve plugin <= 3.2.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-67624MEDIUMWordPress Optimize More! – Images plugin <= 1.1.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-1640MEDIUMTaskbuilder <= 5.0.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Project/Task Comment CreationEPSS 0.3%CVE-2023-51680MEDIUMWordPress Quotes for WooCommerce plugin <= 2.0.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-47120HIGHNezha Monitoring: RoleMember can fire other users' cron tasks via AlertRule.FailTriggerTasks (no ownership check)EPSS 0.3%CVE-2026-22343HIGHWordPress WordPress Dating Theme theme <= 11.2.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-5321MEDIUMMissing Authorization in hamza417/inureEPSS 0.3%CVE-2026-1930MEDIUMEmailchef <= 3.5.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings DeletionEPSS 0.3%CVE-2025-39583HIGHWordPress BERTHA AI plugin <= 1.12.10.2 - Arbitrary Content Deletion VulnerabilityEPSS 0.3%CVE-2025-13528MEDIUMFeedback Modal for Website <= 1.0.1 - Missing Authorization to Unauthenticated Arbitrary Feedback Data Exfiltration via 'export_data' ParameterEPSS 0.3%CVE-2026-31921HIGHWordPress Product Rearrange for WooCommerce plugin <= 1.2.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-28070MEDIUMWordPress WP eMember plugin <= v10.2.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-14078MEDIUMPAYGENT for WooCommerce <= 2.4.6 - Missing Authorization to Unauthenticated Payment Callback ManipulationEPSS 0.3%