Weaknesses of type CWE-266
960 resultsCVE-2026-6564MEDIUMEMQ EMQX Enterprise Session Handling improper authorizationEPSS 0.3%CVE-2025-15126LOWJeecgBoot getPositionUserList improper authorizationEPSS 0.3%CVE-2026-22916MEDIUMAn attacker with low privileges may be able to trigger critical system functions such as reboot or factory reset without proper restrictionsEPSS 0.3%CVE-2025-53428HIGHWordPress Simple User Registration plugin <= 6.8 - Privilege Escalation vulnerabilityEPSS 0.3%CVE-2024-47653HIGHMissing Authorization VulnerabilityEPSS 0.3%CVE-2025-65094HIGHWBCE CMS is Vulnerable to Privilege Escalation via Group ID Manipulation (IDOR)EPSS 0.3%CVE-2026-56033CRITICALWordPress Dokan Pro plugin <= 5.0.4 - Privilege Escalation vulnerabilityEPSS 0.3%CVE-2019-19353—An insecure modification vulnerability in the /etc/passwd file was found in the operator-framework/hive as shipped in Red Hat Openshift 4. AEPSS 0.3%CVE-2025-13250MEDIUMWeiYe-Jing datax-web Job triggerJob access controlEPSS 0.3%CVE-2025-3256MEDIUMxujiangfei admintwo updateSet access controlEPSS 0.3%CVE-2025-10374MEDIUMShenzhen Sixun Business Management System OperatorStop improper authorizationEPSS 0.3%CVE-2026-42680CRITICALWordPress Contest Gallery Pro plugin <= 29.0.1 - Privilege Escalation vulnerabilityEPSS 0.3%CVE-2026-56030CRITICALWordPress Paytium plugin <= 5.0.2 - Privilege Escalation vulnerabilityEPSS 0.3%CVE-2025-49379HIGHWordPress Custom Fields Account Registration For Woocommerce plugin <= 1.2 - Privilege Escalation vulnerabilityEPSS 0.3%CVE-2025-48142HIGHWordPress Bookify <= 1.0.9 - Privilege Escalation VulnerabilityEPSS 0.3%CVE-2025-48164HIGHWordPress SureDash <= 1.0.3 - Privilege Escalation VulnerabilityEPSS 0.3%CVE-2025-39542HIGHWordPress Xelion Webchat plugin <= 9.1.0 - Privilege Escalation VulnerabilityEPSS 0.3%CVE-2025-13787MEDIUMZenTao File control.php delete privileges managementEPSS 0.3%CVE-2026-48879CRITICALWordPress AIWU plugin <= 1.4.17 - Privilege Escalation vulnerabilityEPSS 0.3%CVE-2026-2107MEDIUMyeqifu warehouse Log Info LoginfoController.java batchDeleteLoginfo improper authorizationEPSS 0.3%