Falhas do tipo CWE-862
6.923 resultadosCVE-2024-35742MEDIUMWordPress Easy Forms for Mailchimp plugin <= 6.9.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-67975MEDIUMWordPress aDirectory plugin <= 3.0.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-68000MEDIUMWordPress Testimonial Slider plugin <= 2.0.15 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-9825MEDIUMMissing Authorization in GitLabEPSS 0.3%CVE-2026-33685MEDIUMAVideo Allows Unauthenticated Access to AD_Server reports.json.php that Exposes Ad Campaign Analytics and User DataEPSS 0.3%CVE-2026-25365MEDIUMWordPress Kargo Takip plugin < 0.2.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-39355CRITICALGenealogy is Missing Authorization in `TeamController::transferOwnership()` Allows Any Authenticated User to Hijack Any Team (Broken Access Control)EPSS 0.3%CVE-2024-12113MEDIUMYouzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress By KaineLabs <= 1.3.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Review DeletionEPSS 0.3%CVE-2024-6869MEDIUMFalang multilanguage for WordPress <= 1.3.52 - Missing Authorization to Translation Update and Information ExposureEPSS 0.3%CVE-2024-43268MEDIUMWordPress Backup and Restore WordPress plugin <= 1.50 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-25430MEDIUMWordPress Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms plugin <= 1.2.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-25455MEDIUMWordPress Product Slider for WooCommerce plugin <= 1.13.61 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-26376MEDIUMA CWE-862 "Missing Authorization" in maxprofile/users/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticaEPSS 0.3%CVE-2025-22591MEDIUMWordPress 1003 Mortgage Application plugin <= 1.87 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-24984MEDIUMWordPress Visual Link Preview plugin <= 2.2.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-12810HIGHJobCareer | Job Board Responsive WordPress Theme <= 7.1 - Missing Authorization to Authenticated (Subscriber+) Multiple Administrative ActionsEPSS 0.3%CVE-2025-68005MEDIUMWordPress Easy Hotel Booking plugin <= 1.9.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-49406HIGHWordPress Houzez Theme <= 4.1.1 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-29180MEDIUMFleet's team maintainer can transfer hosts from any team via missing source team authorizationEPSS 0.3%CVE-2026-55432MEDIUMCoder's sub-agent app registration bypasses template port-sharing policy enforcementEPSS 0.3%