Falhas do tipo CWE-862

6.959 resultados
CVE-2025-39541MEDIUMWordPress WP Simple Booking Calendar plugin <= 2.0.13 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-50031MEDIUMWordPress DB Backup <= 6.0 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-4292LOWPrivilege abuse in ModelAdmin.list_editableEPSS 0.3%CVE-2025-41112HIGHMissing Authorization vulnerability in CanalDenuncia.appEPSS 0.3%CVE-2025-41336HIGHMissing Authorization vulnerability in CanalDenuncia.appEPSS 0.3%CVE-2024-32949HIGHWordPress Integrate Google Drive plugin <= 1.3.8 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-40937HIGHRustFS missing admin authorization on notification target endpoints, which allows unauthenticated configuration of event webhooksEPSS 0.3%CVE-2025-5956MEDIUMWP Human Resource Management 2.0.0 - 2.2.17 - Missing Authorization to Authenticated (Employee+) Arbitrary User Deletion via ajax_delete_employee FunctionEPSS 0.3%CVE-2023-23639MEDIUMWordPress MainWP Staging Extension Plugin <= 4.0.3 - Subscriber+ Arbitrary Plugin Activation VulnerabilityEPSS 0.3%CVE-2025-31858MEDIUMWordPress Local Magic plugin <= 2.9.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-34903MEDIUMWordPress Ocean Extra plugin <= 2.5.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-12606MEDIUMAI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K) <= 2.5 - Missing Authorization to Authenticated (Subscriber+) Settings UpdateEPSS 0.3%CVE-2025-67970MEDIUMWordPress Schedula plugin <= 1.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-1831LOWYayMail <= 4.3.2 - Missing Authorization to Authenticated (Shop Manager+) Plugin Installation and ActivationEPSS 0.3%CVE-2023-23640MEDIUMWordPress MainWP UpdraftPlus Extension Plugin <= 4.0.6 - Subscriber+ Arbitrary Plugin Activation VulnerabilityEPSS 0.3%CVE-2026-45285MEDIUMNextcloud: Hidden Public Link creation when sharing to a Team External MemberEPSS 0.3%CVE-2025-62049MEDIUMWordPress Cost Calculator Builder plugin <= 3.5.32 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-33359HIGHMeari unauthenticated alert image access in cloud object storageEPSS 0.3%CVE-2025-41337HIGHMissing Authorization vulnerability in CanalDenuncia.appEPSS 0.3%CVE-2026-25398MEDIUMWordPress Vertex Addons for Elementor plugin <= 1.6.4 - Broken Access Control vulnerabilityEPSS 0.3%