Falhas do tipo CWE-862

6.926 resultados
CVE-2025-26961HIGHWordPress Fresh Framework plugin <= 1.70.0 - Unauthenticated Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-28920MEDIUMWordPress Responsive Google Map plugin <= 3.1.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-43090MEDIUMGnome-shell: screenshot tool allows viewing open windows when session is lockedEPSS 0.3%CVE-2026-30926HIGHSiYuan Note publish service authorization bypass allows low-privilege users to modify notebook contentEPSS 0.3%CVE-2026-44326CRITICALfree5GC: NEF 3gpp-traffic-influence API is unauthenticated; missing or forged bearer tokens can create, read, patch, and delete subscriptionsEPSS 0.3%CVE-2024-49694MEDIUMWordPress My Wp Brand – Hide menu & Hide Plugin plugin <= 1.1.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-24364MEDIUMWordPress WP User Frontend plugin <= 4.2.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-24739MEDIUMMissing authorization check in SAP BAM (Bank Account Management)EPSS 0.3%CVE-2023-28492MEDIUMWordPress Calendar Event Multi View plugin <= 1.4.10 - Missing Authorization Leading To Feedback Submission vulnerabilityEPSS 0.3%CVE-2025-22304MEDIUMWordPress WP Visitor Statistics plugin <= 7.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-5805MEDIUMWordPress Electron theme <= 1.8.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-44327CRITICALfree5GC: NEF nnef-oam route group is unauthenticated; no-token requests reach the OAM handlerEPSS 0.3%CVE-2025-49348MEDIUMWordPress Hype plugin <= 1.0.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-68911MEDIUMWordPress Solace theme <= 2.1.16 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-12963CRITICALLazyTasks – Project & Task Management with Collaboration, Kanban and Gantt Chart <= 1.2.29 - Missing Authorization to Uanuthenticated Privilege EscalationEPSS 0.3%CVE-2023-3352MEDIUMSmush – Lazy Load Images, Optimize & Compress Images <= 3.16.4 - Missing Authorization to Resmush List DeletionEPSS 0.3%CVE-2025-39602MEDIUMWordPress WooCommerce Product Table Lite plugin <= 3.9.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-36000MEDIUMITM Server Missing Authorization for Agent ConfigEPSS 0.3%CVE-2025-26983MEDIUMWordPress Recipe Card Blocks for Gutenberg & Elementor plugin <= 3.4.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-6708MEDIUMHEL Online Classroom: AI-powered Online Classrooms <= 1.0.3 - Missing Authorization to Unauthenticated Arbitrary Classroom Deletion via 'id' ParameterEPSS 0.3%