Falhas do tipo CWE-862

6.946 resultados
CVE-2024-13439MEDIUMTeam – Team Members Showcase Plugin <= 4.4.9 - Missing Authorization to Authenticated (Subscriber+) Settings UpdateEPSS 0.3%CVE-2025-1481MEDIUMShortcode Cleaner Lite <= 1.0.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options ExportEPSS 0.3%CVE-2024-9584MEDIUMImage Map Pro <= 6.0.20 - Missing Authorization to Authenticated (Contributor+) Map Project Add/Update/DeleteEPSS 0.3%CVE-2025-1504MEDIUMPost Lockdown <= 4.0.2 - Missing Authorization to Authenticated (Subscriber+) Post DisclosureEPSS 0.3%CVE-2026-39533HIGHWordPress AWP Classifieds plugin <= 4.4.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-45436MEDIUMWordPress WPBakery Page Builder plugin <= 8.7.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-68069HIGHWordPress Directorist plugin <= 8.6.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-11353MEDIUMSMS for Lead Capture Forms <= 1.1.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Message DeletionEPSS 0.3%CVE-2025-33182HIGHNVIDIA Jetson Linux contains a vulnerability in UEFI, where improper authentication may allow a privileged user to cause corruption of the LEPSS 0.3%CVE-2026-34024HIGHMissing authorization checks in Wertheim SafeController Software allow low-privileged users to access restricted functionsEPSS 0.3%CVE-2024-1328MEDIUMNewsletter2Go <= 4.0.14 - Authenticated(Subscriber+) Stored Cross-Site Scripting via styleEPSS 0.3%CVE-2024-37175MEDIUM[Multiple CVEs] Multiple vulnerabilities in SAP CRM (WebClient UI)EPSS 0.3%CVE-2024-54218MEDIUMWordPress AIO Contact plugin <= 2.8.1 - Unauthenticated Plugin Settings Change vulnerabilityEPSS 0.3%CVE-2026-41464HIGHProjeQtor < 12.4.4 Missing Authorization via objectDetail.phpEPSS 0.3%CVE-2026-2446CRITICALPowerpack for LearnDash < 1.3.0 - Unauthenticated Arbitrary Option UpdateEPSS 0.3%CVE-2026-42137HIGHKirby: `pages.access/list` and `files.access/list` permissions are not consistently checked in the REST API and changes dialogEPSS 0.3%CVE-2025-61751HIGHVulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (comEPSS 0.3%CVE-2024-13801HIGHBWL Advanced FAQ Manager <= 2.1.4 - Missing Authorization to Authenticated (Subscriber+) Limited Arbitrary Options UpdateEPSS 0.3%CVE-2025-24662MEDIUMWordPress LearnDash LMS Plugin <= 4.20.0.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-13541MEDIUMaDirectory – WordPress Directory Listing Plugin <= 2.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post DeletionEPSS 0.3%