Falhas do tipo CWE-862
6.843 resultadosCVE-2023-36504MEDIUMWordPress BBS e-Popup plugin <= 2.4.5 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-23823MEDIUMWordPress Enhanced Text Widget plugin <= 1.5.8 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-40852HIGHThis issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18 and iPadOS 18. An attacker may be EPSS 0.5%CVE-2023-35052MEDIUMWordPress Directorist plugin <= 7.5.4 - Arbitrary Content Deletion vulnerabilityEPSS 0.5%CVE-2024-2906MEDIUMWordPress Radio Player plugin <= 2.0.73 - Unauthenticated Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-4319MEDIUMAdvanced Contact form 7 DB <= 2.0.2 - Missing Authorization to Unauthenticated Information DisclosureEPSS 0.5%CVE-2024-30487HIGHWordPress MP3 Audio Player for Music, Radio & Podcast by Sonaar plugin <= 5.1 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-7032MEDIUMSmart Online Order for Clover <= 1.5.6 - Missing Authorization to Plugin Deactivation and Data DeletionEPSS 0.5%CVE-2024-1641MEDIUMAccordion <= 2.2.96 - Missing Authorization to Authenticated(Contributor+) Post DuplicationEPSS 0.5%CVE-2023-47112MEDIUMAuthenticated users can view job names and groups they do not have authorization to view in RundeckEPSS 0.5%CVE-2025-24618MEDIUMWordPress ElementInvader Addons for Elementor Plugin <= 1.3.1 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2025-24591MEDIUMWordPress GDPR CCPA Compliance & Cookie Consent Banner plugin <= 2.7.1 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-37971MEDIUMWordPress WooCommerce Product Stock Alert plugin <= 2.0.1 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-37887MEDIUMWordPress WPSchoolPress plugin <= 2.2.7 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2022-41786MEDIUMWordPress WP Job Portal Plugin <= 2.0.1 is vulnerable to Broken Access ControlEPSS 0.5%CVE-2023-37987MEDIUMWordPress YourMembership Single Sign On plugin <= 1.1.3 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-5939MEDIUMGiveWP – Donation Plugin and Fundraising Platform <= 3.13.0 - Missing Authorization to Limited Information ExposureEPSS 0.5%CVE-2024-13653HIGHZoxPress - The All-In-One WordPress News Theme <= 2.12.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options UpdateEPSS 0.5%CVE-2024-9096HIGHImproper Authorization in lunary-ai/lunaryEPSS 0.5%CVE-2024-13752MEDIUMWP Project Manager <= 2.6.17 - Missing Authorization to Authenticated (Subscriber+) Limited Arbitrary Options UpdateEPSS 0.5%