Falhas do tipo CWE-862
6.908 resultadosCVE-2023-44208HIGHSensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect HEPSS 0.3%CVE-2026-56767HIGHMaxun < 0.0.42 - Cross-Tenant IDOR in Storage and Webhook API HandlersEPSS 0.3%CVE-2025-13468MEDIUMSourceCodester Alumni Management System Delete admin_class.php delete_event authorizationEPSS 0.3%CVE-2026-25454MEDIUMWordPress The League theme <= 4.4.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-25390MEDIUMWordPress New User Approve plugin <= 3.2.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-32684MEDIUMWordPress MapSVG Lite plugin <= 8.6.4 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2024-4222HIGHTutor LMS Pro <= 2.7.0 - Missing AuthorizationEPSS 0.3%CVE-2024-37096MEDIUMWordPress Popup box plugin <= 4.5.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-37218MEDIUMWordPress Page Builder Sandwich <= 5.1.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-44848CRITICALPortainer: Missing authorization on Docker plugin endpoints allows host RCEEPSS 0.3%CVE-2023-47820MEDIUMWordPress WP Like Button plugin <= 1.7.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-6872MEDIUMBuild Your Dream Website Fast with 400+ Starter Templates and Landing Pages, No Coding Needed, One-Click Import for Elementor & Gutenberg Blocks! – TemplateSpare <= 2.4.2 - Missing Authorization to Authenticated (Subscriber+) Theme UpdateEPSS 0.3%CVE-2023-47762MEDIUMWordPress BetterDocs plugin <= 2.5.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-37443MEDIUMWordPress WP Job Manager plugin <= 2.1.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-37203MEDIUMWordPress Laybuy Payment Extension for WooCommerce plugin <= 5.3.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-47780MEDIUMWordPress EasyAzon – Amazon Associates Affiliate Plugin plugin <= 5.1.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-37254MEDIUMWordPress WP File Manager plugin <= 7.2.7 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-37201MEDIUMWordPress Woocommerce Customers Order History plugin <= 5.2.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-47776MEDIUMWordPress miniorange otp verification plugin <= 4.2.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-48709LOWOliveTin: ValidateArgumentType API Endpoint Missing Authentication Allows Action and Argument EnumerationEPSS 0.3%