Falhas do tipo CWE-862

6.851 resultados
CVE-2025-14070HIGHReviewify <= 1.0.7 - Missing Authorization to Authenticated (Contributor+) Arbitrary WooCommerce Coupon CreationEPSS 0.4%CVE-2026-1355MEDIUMMissing Authorization Check in GitHub Enterprise Server Allows Unauthorized Uploads to Repository Migration ExportsEPSS 0.4%CVE-2025-31720MEDIUMA missing permission check in Jenkins 2.503 and earlier, LTS 2.492.2 and earlier allows attackers with Computer/Create permission but withouEPSS 0.4%CVE-2025-70148HIGHMissing authentication and authorization in print_membership_card.php in CodeAstro Membership Management System 1.0 allows unauthenticated aEPSS 0.4%CVE-2024-31243HIGHWordPress Bricksforge plugin <= 2.0.17 - Unauthenticated Arbitrary WordPress Setting Deletion vulnerabilityEPSS 0.4%CVE-2025-24643MEDIUMWordPress WPGuppy plugin <= 1.1.0 - Broken Authentication vulnerabilityEPSS 0.4%CVE-2025-23529MEDIUMWordPress Minterpress plugin <= 1.0.5 - Arbitrary Content Deletion vulnerabilityEPSS 0.4%CVE-2025-2848MEDIUMA vulnerability in Synology Mail Server allows remote authenticated attackers to read and write non-sensitive settings, and disable some nonEPSS 0.4%CVE-2025-1508MEDIUMWP Crowdfunding <= 2.1.14 - Missing Authorization to Authenticated (Subscriber+) Post Content DownloadEPSS 0.4%CVE-2023-1929MEDIUMWP Fastest Cache <= 1.1.2 - Missing Authorization in 'wpfc_purgecache_varnish_callback'EPSS 0.4%CVE-2025-24682MEDIUMWordPress Super Block Slider plugin <= 2.7.9 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-48582CRITICALMicrosoft Exchange Online Elevation of Privilege VulnerabilityEPSS 0.4%CVE-2025-26853CRITICALDESCOR INFOCAD 3.5.1 and before and fixed in v.3.5.2.0 has a broken authorization schema.EPSS 0.4%CVE-2025-24753MEDIUMWordPress Kadence Blocks plugin <= 3.3.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-12925MEDIUMrymcu forest UserDicController.java deleteDic authorizationEPSS 0.4%CVE-2024-5941MEDIUMGiveWP – Donation Plugin and Fundraising Platform <= 3.14.1 - Missing Authorization to Authenticated (Subscriber+) Limited File DeletionEPSS 0.4%CVE-2024-44208HIGHThis issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15. An app may be able to bypass certain PrEPSS 0.4%CVE-2023-1931MEDIUMWP Fastest Cache <= 1.1.2 - Missing Authorization in 'deleteCssAndJsCacheToolbar'EPSS 0.4%CVE-2024-12164MEDIUMWPSyncSheets Lite For WPForms – WPForms Google Spreadsheet Addon <= 1.6 - Missing Authorization to Authenticated (Subscriber+) Settings ResetEPSS 0.4%CVE-2023-1930MEDIUMWP Fastest Cache <= 1.1.2 - Missing Authorization in 'wpfc_clear_cache_of_allsites_callback'EPSS 0.4%