Falhas do tipo CWE-862

6.883 resultados
CVE-2025-30944HIGHWordPress Tablesome Table Premium <= 1.1.23 - Broken Access Control VulnerabilityEPSS 0.4%CVE-2026-4117MEDIUMCalJ <= 1.5 - Authenticated (Subscriber+) Arbitrary Settings Modification via 'save-obtained-key' ActionEPSS 0.4%CVE-2024-28167MEDIUMMissing Authorization check in SAP Group Reporting Data Collection (Enter Package Data)EPSS 0.4%CVE-2024-34768MEDIUMWordPress Fastly plugin <= 1.2.25 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-12153CRITICALWP Learn Manager <= 1.1.8 - Missing Authorization to Unauthenticated Arbitrary Plugin Installation and Activation via jslearnmanager_ajax AJAX ActionEPSS 0.4%CVE-2025-26846CRITICALAn issue was discovered in Znuny before 7.1.4. Permissions are not checked properly when using the Generic Interface to update ticket metadaEPSS 0.4%CVE-2025-31685CRITICALOpen Social - Moderately critical - Access bypass - SA-CONTRIB-2025-014EPSS 0.4%CVE-2026-24376MEDIUMWordPress WPVulnerability plugin <= 4.2.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-33316HIGHVikunja’s Improper Access Control Enables Bypass of Administrator-Imposed Account DisablementEPSS 0.4%CVE-2026-24987MEDIUMWordPress WP System Log plugin <= 1.2.7 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-33929MEDIUMWordPress Directorist plugin <= 7.8.6 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-32731MEDIUMMissing Authorization check in SAP My Travel RequestsEPSS 0.4%CVE-2026-27046MEDIUMWordPress StoreCustomizer plugin <= 2.6.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-13316MEDIUMScratch & Win – Giveaways and Contests <= 2.8.0 - Missing Authorization to Unauthenticated Coupon CreationEPSS 0.4%CVE-2025-12641MEDIUMAwesome Support – WordPress HelpDesk & Support Plugin <= 6.3.6 - Missing Authorization to Unauthenticated Role DemotionEPSS 0.4%CVE-2024-48902MEDIUMIn JetBrains YouTrack before 2024.3.46677 improper access control allowed users with project update permission to delete applications via APEPSS 0.4%CVE-2024-8548HIGHKB Support – WordPress Help Desk and Knowledge Base <= 1.6.6 - Missing Authorization to Authenticated (Subscriber+) Multiple Administrator ActionsEPSS 0.4%CVE-2025-32593HIGHWordPress Add Product Frontend for WooCommerce plugin <= 1.0.8 - Arbitrary Content Deletion vulnerabilityEPSS 0.4%CVE-2025-31909HIGHWordPress Apptivo Business Site CRM plugin <= 5.3 - Arbitrary Content Deletion vulnerabilityEPSS 0.4%CVE-2024-38727MEDIUMWordPress Seraphinite Post .DOCX Source plugin <= 2.16.9 - Broken Access Control vulnerabilityEPSS 0.4%