I connect this cable to my WAN port and distribute it internally via
wifi through my password-protected router.
Such a setup almost certainly means that your router is performing NAT, Network Address Translation. One advantage of NAT is that you must explicitly define rules that allow incoming traffic from the WAN to be able to access something on the LAN. Therefore,
Can computers on this WAN, in a regular network workflow (that is,
without using any exploit) connect to devices connected to my LAN?
By default the answer to this is no.
There is one minor case to consider - who owns the router? If you own the router, then you have full control over how it behaves. But if the ISP owns your router, then they may have access to your LAN. I've known people paranoid enough to put a SOHO router behind their ISP router to protect their LAN from the ISP.
Also, if there are, what types of attacks can be done this way?
(exploit or not)
You'll want to ensure that your admin interface is only available from the LAN, not the WAN. Most routers have a checkbox for this.
Other than that, exploits of the router is the biggest concern. Monitor the news in case something pops up; SANS NewsBites is a good semi-weekly wrap-up that often mentions things like router exploits becoming known.