Falhas do tipo CWE-862

6.921 resultados
CVE-2025-68039MEDIUMWordPress WP BackItUp plugin <= 2.1.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-24711MEDIUMWordPress WooCommerce Conversion Tracking plugin <= 2.0.11 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-48039MEDIUMWordPress CubeWP Framework plugin <= 1.1.15 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-68003MEDIUMWordPress Shown Connector plugin <= 1.2.10 - Settings Change vulnerabilityEPSS 0.3%CVE-2024-13203MEDIUMkurniaramadhan E-Commerce-PHP cross-site request forgeryEPSS 0.3%CVE-2025-39413MEDIUMWordPress Simple Sitemap – Create a Responsive HTML Sitemap plugin <= 3.6.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-30216MEDIUMMissing Authorization check in SAP S/4 HANA (Cash Management)EPSS 0.3%CVE-2024-30217MEDIUMMissing Authorization check in SAP S/4 HANA (Cash Management)EPSS 0.3%CVE-2025-28965HIGHWordPress URL Shortener <= 3.0.7 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-22459MEDIUMWordPress WordPress CTA plugin <= 2.1.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-35448LOWWWBN AVideo Provides Unauthenticated Access to Payment Order Data via BlockonomicsYPT check.phpEPSS 0.3%CVE-2025-26750MEDIUMWordPress Vitepos Plugin <= 3.1.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-1084MEDIUMMindskip xzs-mysql 学之思开源考试系统 cross-site request forgeryEPSS 0.3%CVE-2026-24139HIGHMyTube Allows Unauthorized Database Export by Guest UsersEPSS 0.3%CVE-2023-31826HIGHSkyscreamer Open Source Nevado JMS v1.3.2 does not perform security checks when receiving messages. This allows attackers to execute arbitraEPSS 0.3%CVE-2023-45633MEDIUMWordPress IMPress Listings plugin <= 2.6.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-8814MEDIUMatjiu pybbs CookieUtil.java setCookie cross-site request forgeryEPSS 0.3%CVE-2025-46823HIGHOpenMRS has Vulnerability in FHIR2 Module PrivilegesEPSS 0.3%CVE-2024-12781MEDIUMAurum - WordPress & WooCommerce Shopping Theme <= 4.0.2 - Missing Authorization to Authenticated (Subscriber+) Demo Content ImportEPSS 0.3%CVE-2024-5857MEDIUMInteractive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free <= 3.7.3.2 - Missing Authorization to Unauthenticated Arbitrary Media DeletionEPSS 0.3%