Falhas do tipo CWE-862

7.019 resultados
CVE-2025-62976MEDIUMWordPress Sendle Shipping plugin <= 6.02 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-53111MEDIUMGLPI exposes data to non-allowed usersEPSS 0.3%CVE-2025-36756MEDIUMDevice Takeover vulnerability in SolaX CloudEPSS 0.3%CVE-2026-45632CRITICALDokploy: Schedule Authorization Bypass Enables Host/Server Command ExecutionEPSS 0.3%CVE-2025-68834HIGHWordPress Sync Master Sheet – Product Sync with Google Sheet for WooCommerce plugin <= 1.1.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-49293MEDIUMWordPress WP VR plugin <= 8.5.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-67958MEDIUMWordPress TaxCloud for WooCommerce plugin <= 8.3.8 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-34438MEDIUMWordPress Shared Files plugin <= 1.7.19 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-12097MEDIUMUser Management <= 1.2 - Missing Authorization to Unauthenticated Plugin Settings ModificationEPSS 0.3%CVE-2025-22643MEDIUMWordPress OnePress theme <= 2.3.11 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-68558MEDIUMWordPress Depicter Slider plugin <= 4.0.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-24586MEDIUMWordPress Newses theme <= 2.0.0.77 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-66075MEDIUMWordPress WP Cookie Notice for GDPR, CCPA & ePrivacy Consent plugin <= 4.0.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-24598MEDIUMWordPress Multilanguage by BestWebSoft plugin <= 1.5.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-22674MEDIUMWordPress Dashicons + Custom Post Types Plugin <= 1.0.2 is vulnerable to Broken Access ControlEPSS 0.3%CVE-2026-8690MEDIUMRentMy Real-Time Rental Management Plugin <= 4.0.4.1 - Missing Authorization to Unauthenticated Settings Update via rentmy_cdn_request AJAX ActionEPSS 0.3%CVE-2025-24606MEDIUMWordPress Client Invoicing by Sprout Invoices – Easy Estimates and Invoices for WordPress plugin <=20.8.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2022-47425MEDIUMWordPress ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin <= 3.4.10 - Broken Access ControlEPSS 0.3%CVE-2025-13092MEDIUMDevs CRM – Manage tasks, attendance and teams all together <= 1.1.8 - Unauthenticated Information ExpsoureEPSS 0.3%CVE-2025-62006MEDIUMWordPress WP SMS plugin <= 7.0.1 - Broken Access Control vulnerabilityEPSS 0.3%