Falhas do tipo CWE-862

6.845 resultados
CVE-2023-22676LOWWordPress Advanced Custom Fields: Image Crop Add-on Plugin <= 1.4.12 is vulnerable to Broken Access ControlEPSS 0.4%CVE-2022-40223MEDIUMWordPress SearchWP premium plugin <= 4.2.5 - Broken Authentication vulnerabilityEPSS 0.4%CVE-2024-37510MEDIUMWordPress Donation Forms by Charitable plugin <= 1.8.1.7 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-23761MEDIUMWordPress Woo Tuner plugin <= 0.1.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-35620MEDIUMOpenClaw < 2026.3.24 - Missing Authorization in /send and /allowlist Chat CommandsEPSS 0.4%CVE-2023-5711MEDIUMSystem Dashboard <= 2.8.8 - Missing Authorization to Information Disclosure (sd_php_info)EPSS 0.4%CVE-2025-31780MEDIUMWordPress Append Content plugin <= 2.1.1 - CSRF to Settings Change vulnerabilityEPSS 0.4%CVE-2025-23916MEDIUMWordPress WP Meetup plugin <= 2.3.0 - Settings Change vulnerabilityEPSS 0.4%CVE-2024-31297HIGHWordPress Wholesale For WooCommerce plugin <= 2.3.1 - Unauthenticated Arbitrary Post/Page vulnerabilityEPSS 0.4%CVE-2024-53810CRITICALWordPress Simple User Registration plugin <= 5.5 - Broken Access Control on User Deletion vulnerabilityEPSS 0.4%CVE-2022-46840MEDIUMWordPress JS Help Desk plugin <= 2.7.1 - Broken Access ControlEPSS 0.4%CVE-2024-39650HIGHWordPress WooCommerce PDF Vouchers plugin < 4.9.5 - Unauthenticated Multiple VulnerabilitiesEPSS 0.4%CVE-2024-1733MEDIUMWord Replacer Pro <= 1.0 - Missing Authorization to Unauthenticated Arbitrary Content UpdateEPSS 0.4%CVE-2023-41951MEDIUMWordPress rtMedia for WordPress, BuddyPress and bbPress plugin <= 4.6.14 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-13719MEDIUMPeproDev Ultimate Invoice <= 2.0.9 - Insecure Direct Object Reference to Unauthenticated Order Information ExposureEPSS 0.4%CVE-2024-1690MEDIUMTeraWallet – Best WooCommerce Wallet System With Cashback Rewards, Partial Payment, Wallet Refunds <= 1.4.10 - Missing Authorization to Authenticated (Subscriber+) User Email ExportEPSS 0.4%CVE-2024-23518MEDIUMWordPress ACF Photo Gallery Field plugin <= 2.6 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-33956MEDIUMWordPress Custom WooCommerce Checkout Fields Editor plugin <= 1.3.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-3595MEDIUMRiaxe Product Customizer <= 2.1.2 - Unauthenticated Arbitrary User Deletion via 'user_id' ParameterEPSS 0.4%CVE-2023-5714MEDIUMSystem Dashboard <= 2.8.7 - Missing Authorization to Information Disclosure (sd_db_specs)EPSS 0.4%