Falhas do tipo CWE-862

6.843 resultados
CVE-2024-56238MEDIUMWordPress Floating Action Buttons plugin <= 0.9.1 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-47871MEDIUMWordPress Contact Form to Any API plugin <= 1.1.6 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2025-7664HIGHAl Pack <= 1.1.1 - Missing Authorization to Unauthenticated Premium Feature Activation via check_activate_permission FunctionEPSS 0.5%CVE-2024-20477MEDIUMCisco Nexus Dashboard Fabric Controller Unauthorized REST API Endpoint VulnerabilityEPSS 0.5%CVE-2023-27454MEDIUMWordPress Rife Elementor Extensions & Templates plugin <= 1.1.10 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2025-49950HIGHWordPress Official Integration for Billingo plugin <= 4.3.0 - Privilege Escalation vulnerabilityEPSS 0.5%CVE-2024-32776MEDIUMWordPress AppPresser plugin <= 4.3.0 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-37111HIGHWordPress WishList Member X plugin < 3.26.7 - Unauthenticated Denial of Service Attack vulnerabilityEPSS 0.5%CVE-2026-30797CRITICALRustDesk rustdesk://config/ URI Silently Re-homes Client to Attacker-Controlled ServerEPSS 0.5%CVE-2026-5294CRITICALGeekyBot <= 1.2.2 - Missing Authorization to Unauthenticated Arbitrary Plugin Installation via 'geekybot_frontendajax' AJAX ActionEPSS 0.5%CVE-2025-23477HIGHWordPress Realty Workstation plugin <= 1.0.45 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-1645MEDIUMMollie Forms <= 2.6.3 - Missing AuthorizationEPSS 0.5%CVE-2023-2757HIGHWaiting: One-click countdowns <= 0.6.2 - Missing Authorization Checks leading to Authenticated (Subscriber+) Stored Cross-Site ScriptingEPSS 0.5%CVE-2024-3869MEDIUMCustomer Reviews for WooCommerce <= 5.46.0 - Missing Authorization to Authenticated (Subscriber+) Coupon SearchEPSS 0.5%CVE-2023-2562MEDIUMGallery Metabox <= 1.5 - Missing Authorization via refresh_metaboxEPSS 0.5%CVE-2023-32586MEDIUMWordPress SoundCloud Is Gold plugin <= 2.5.1 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-32599MEDIUMWordPress reCAPTCHA for all plugin <= 1.22 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-43343MEDIUMWordPress Order Tracking – WordPress Status Tracking Plugin plugin < 3.3.13 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-33907MEDIUMWordPress Print My Blog plugin <= 3.26.2 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-3606MEDIUMProfileGrid – User Profiles, Memberships, Groups and Communities <= 5.8.3 - Missing AuthorizationEPSS 0.5%