Falhas do tipo CWE-862

6.948 resultados
CVE-2025-33182HIGHNVIDIA Jetson Linux contains a vulnerability in UEFI, where improper authentication may allow a privileged user to cause corruption of the LEPSS 0.3%CVE-2025-67540MEDIUMWordPress Animation Addons for Elementor plugin <= 2.4.5 - Arbitrary Content Deletion vulnerabilityEPSS 0.3%CVE-2025-65098HIGHTypebot Vulnerable to Credential Theft via Client-Side Script Execution and API Authorization BypassEPSS 0.3%CVE-2025-3257MEDIUMxujiangfei admintwo updateSet cross-site request forgeryEPSS 0.3%CVE-2026-3432CRITICALSim Studio AI - Unauthenticated OAuth Token TheftEPSS 0.3%CVE-2024-56225MEDIUMWordPress Premium Addons for Elementor plugin <= 4.10.56 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-2941HIGHLinksy Search and Replace <= 1.0.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Database Update via linksy_search_and_replace_item_detailsEPSS 0.3%CVE-2025-63069MEDIUMWordPress Ivory Search plugin <= 5.5.12 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-13950MEDIUMOneSignal – Web Push Notifications <= 3.6.1 - Missing Authorization to Unauthenticated Plugin Settings UpdateEPSS 0.3%CVE-2025-49916HIGHWordPress MultiVendorX plugin <= 4.2.23 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-32258MEDIUMWordPress Simple Website Logo plugin <= 1.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-50029MEDIUMWordPress AI Tools <= 4.0.7 - Arbitrary Content Deletion VulnerabilityEPSS 0.3%CVE-2024-45307HIGHSudoBot missing authorization check in `-config` commandEPSS 0.3%CVE-2026-6798MEDIUM2Download Connector for 2DL Hosted Checkout <= 0.1.5 - Missing Authorization to Unauthenticated Sensitive Customer Subscription Data Exposure via 'ToDownload_email' ParameterEPSS 0.3%CVE-2024-35741MEDIUMWordPress Awesome Support plugin <= 6.1.7 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-57921MEDIUMWordPress Frontend File Manager plugin <= 23.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-57353MEDIUMWordPress Link Whisper Premium plugin <= 2.9.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-46203MEDIUMWordPress Just Custom Fields plugin <= 3.3.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-55995MEDIUMWordPress Torod plugin <= 1.7 - Settings Change vulnerabilityEPSS 0.3%CVE-2025-69137MEDIUMWordPress Genemy theme <= 1.6.6 - Broken Access Control vulnerabilityEPSS 0.3%