Weaknesses of type CWE-266
962 resultsCVE-2025-39405HIGHWordPress WPAMS plugin <= 44.0 (17-08-2023) - Privilege Escalation vulnerabilityEPSS 0.3%CVE-2025-47631HIGHWordPress Hospital Management System plugin <= 47.0(20-11-2023) - Privilege Escalation vulnerabilityEPSS 0.3%CVE-2020-27122MEDIUMCisco Identity Services Engine Privilege Escalation VulnerabilityEPSS 0.3%CVE-2025-8839MEDIUMjshERP Endpoint addUser improper authorizationEPSS 0.3%CVE-2024-11486MEDIUMCode4Berry Decoration Management System User Permission user_permission.phpEPSS 0.3%CVE-2026-1141MEDIUMPHPGurukul News Portal Add Sub-Admin add-subadmins.php improper authorizationEPSS 0.3%CVE-2025-31513MEDIUMAn issue was discovered in AlertEnterprise Guardian 4.1.14.2.2.1. One can elevate to administrator privileges via the IsAdminApprover parameEPSS 0.3%CVE-2026-3724MEDIUMSourceCodester Patients Waiting Area Queue Management System checkin.php improper authorizationEPSS 0.3%CVE-2026-0574MEDIUMyeqifu warehouse Request UserController.java saveUserRole improper authorizationEPSS 0.3%CVE-2025-10319MEDIUMJeecgBoot Tenant Log Export exportLog improper authorizationEPSS 0.3%CVE-2026-7686MEDIUMeyeo Adblock Plus Legacy Premium Activation premium.preload.js postMessage access controlEPSS 0.3%CVE-2025-58841MEDIUMWordPress Media Author Plugin <= 1.0.4 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-10086MEDIUMfuyang_lipengjun platform AdPositionController queryAll improper authorizationEPSS 0.3%CVE-2025-10275MEDIUMYunaiV yudao-cloud transfer improper authorizationEPSS 0.3%CVE-2025-10070MEDIUMPortabilis i-Educar enturmacao-em-lote access controlEPSS 0.3%CVE-2025-10278MEDIUMYunaiV ruoyi-vue-pro transfer improper authorizationEPSS 0.3%CVE-2025-0797MEDIUMMicroWorld eScan Antivirus Quarantine Microworld default permissionEPSS 0.3%CVE-2025-10276MEDIUMYunaiV ruoyi-vue-pro transfer improper authorizationEPSS 0.3%CVE-2025-10072MEDIUMPortabilis i-Educar enturmar access controlEPSS 0.3%CVE-2025-10277MEDIUMYunaiV yudao-cloud submit improper authorizationEPSS 0.3%