Falhas do tipo CWE-862

6.959 resultados
CVE-2023-39993MEDIUMWordPress ElementsKit Lite plugin <= 2.9.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-49057HIGHWordPress JobSearch plugin <= 3.2.7 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-21748MEDIUMWordPress Icegram Engage plugin <= 3.1.21 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-22285MEDIUMWordPress Pallet Packaging for WooCommerce Plugin <= 1.1.15 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-22698MEDIUMWordPress Accessibility Suite by Ability, Inc plugin <= 4.18 - Multiple Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-14718MEDIUMSchedule Post Changes With PublishPress Future: Unpublish, Delete, Change Status, Trash, Change Categories <= 4.9.3 - Missing Authorization to Authenticated (Contributor+) Workflow ManipulationEPSS 0.3%CVE-2023-52117MEDIUMWordPress ProfileGrid plugin <= 5.6.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-37172MEDIUM[CVE-2024-37172] Missing Authorization check in SAP S/4HANA Finance (Advanced Payment Management)EPSS 0.3%CVE-2025-47556MEDIUMWordPress CSS3 Compare Pricing Tables for WordPress plugin <= 11.6 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-65029HIGHRallly Has an IDOR Vulnerability in Participant Deletion Endpoint Allows Unauthorized Removal of Poll ParticipantsEPSS 0.3%CVE-2025-30958MEDIUMWordPress onOffice for WP-Websites plugin <= 6.5.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-13412HIGHCozyStay <= 1.7.0 - Missing Authorization to Arbitrary Action Execution in ajax_handlerEPSS 0.3%CVE-2025-22318HIGHWordPress Standard Box Sizes plugin <= 1.6.13 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-32483MEDIUMWordPress Contact Form Email plugin <= 1.3.63 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-25036MEDIUMWordPress Passster plugin <= 4.2.25 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-32455MEDIUMWordPress Fatal Error Notify plugin <= 1.5.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-11926MEDIUMTraveler <= 3.1.6 - Missing Authorization in Several AJAX ActionsEPSS 0.3%CVE-2025-39451HIGHWordPress JetBlocks For Elementor plugin <= 1.3.16 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-39449HIGHWordPress JetWooBuilder plugin <= 2.1.18 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-43316HIGHA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26, visionOS 26. A malicious app may be aEPSS 0.3%