Falhas do tipo CWE-862

7.035 resultados
CVE-2024-24844HIGHWordPress PowerPack Pro for Elementor plugin <= 2.10.6 - Unauthenticated Plugin Settings Reset vulnerabilityEPSS 0.2%CVE-2025-13177MEDIUMBdtask/CodeCanyon SalesERP cross-site request forgeryEPSS 0.2%CVE-2024-37202MEDIUMWordPress Ultimate Custom Add To Cart Button (Ajax) For WooCommerce by Binary Carpenter plugin <= 1.222.17 - Broken Access Control to XSS vulnerabilityEPSS 0.2%CVE-2025-68995MEDIUMWordPress My Sticky Elements plugin <= 2.3.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-9616MEDIUMGenerate Security.txt <= 1.0.12 - Missing Authorization to Authenticated (Subscriber+) Security.txt Deletion via delete_securitytxt AJAX ActionEPSS 0.2%CVE-2026-49205MEDIUMphpMyFAQ: Missing userHasPermission() in 4 API write endpoints (CVE-2026-24421 Incomplete Fix)EPSS 0.2%CVE-2025-14080MEDIUMFrontend Post Submission Manager Lite <= 1.2.5 - Missing Authorization to Unauthenticated Arbitrary Post ModificationEPSS 0.2%CVE-2025-14029MEDIUMCommunity Events <= 1.5.6 - Missing Authorization to Unauthenticated Arbitrary Event Approval via 'eventlist' ParameterEPSS 0.2%CVE-2026-25420MEDIUMWordPress MailerLite plugin <= 1.7.18 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-69327MEDIUMWordPress Car Rental Manager plugin <= 1.0.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25375MEDIUMWordPress Image Photo Gallery Final Tiles Grid plugin <= 3.6.10 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-6864MEDIUMSeaCMS admin_type.php cross-site request forgeryEPSS 0.2%CVE-2026-57797MEDIUMWordPress EduMall theme <= 4.5.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25399MEDIUMWordPress Serious Slider plugin <= 1.2.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-10390MEDIUMElfsight Telegram Chat CC <= 1.1.0 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site ScriptingEPSS 0.2%CVE-2026-35063HIGHMissing Authorization in OpenPLC_V3EPSS 0.2%CVE-2025-63077MEDIUMWordPress Happy Addons for Elementor plugin <= 3.20.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-61441HIGHPraisonAI Platform before 0.1.9 Authorization Bypass via DependenciesEPSS 0.2%CVE-2025-61755LOWVulnerability in the Oracle GraalVM for JDK product of Oracle Java SE (component: Compiler). Supported versions that are affected are OraclEPSS 0.2%CVE-2025-26956HIGHWordPress Traveler theme < 3.2.1 - Broken Access Control vulnerabilityEPSS 0.2%