Falhas do tipo CWE-862

6.959 resultados
CVE-2026-32515HIGHWordPress Miraculous theme < 2.1.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-42318HIGHGLPI Vulnerable to Arbitrary Item Deletion via Planning EndpointEPSS 0.3%CVE-2025-68048HIGHWordPress NextMove Lite plugin <= 2.23.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-49081HIGHWordPress User Registration Stripe plugin <= 1.3.12 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-25317HIGHWordPress Print Invoice & Delivery Notes for WooCommerce plugin <= 5.9.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-42949MEDIUMMissing Authorization check in ABAP PlatformEPSS 0.3%CVE-2024-50456MEDIUMWordPress SEOPress plugin <= 8.1.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-42682CRITICALWordPress wpForo Forum plugin <= 3.0.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-1851MEDIUMaffiliate-toolkit – WordPress Affiliate Plugin <= 3.5.4 - Missing Authorization via atkp_create_listEPSS 0.3%CVE-2026-45267MEDIUMNextcloud: Missing permission check for from submissionsEPSS 0.3%CVE-2026-39501MEDIUMWordPress FOX plugin <= 1.4.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-38514MEDIUMWordPress Social Share Icons & Social Share Buttons plugin <= 3.5.7 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-14342MEDIUMSEO Plugin by Squirrly SEO <= 12.4.14 - Missing Authorization to Authenticated (Subscriber+) Cloud Service DisconnectionEPSS 0.3%CVE-2026-30845MEDIUMWekan Exposes Sensitive Data through Lack of Field Filtering During Board PublicationEPSS 0.3%CVE-2025-47634MEDIUMWordPress WC Pickup Store plugin <= 1.8.9 - Settings Change VulnerabilityEPSS 0.3%CVE-2026-3045HIGHAppointment Booking Calendar <= 1.6.9.29 - Missing Authorization to Unauthenticated Sensitive Information Exposure via Settings REST API EndpointEPSS 0.3%CVE-2025-49241MEDIUMWordPress oik plugin <= 4.15.1 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-32308HIGHWordPress Team Builder plugin <= 1.5.7 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2023-6748MEDIUMCustom Field Template <= 2.6.1 - Authenticated(Contributor+) Information ExposureEPSS 0.3%CVE-2026-8976MEDIUMRSS Aggregator by Feedzy <= 5.1.7 - Missing Authorization to Authenticated (Contributor+) Import Job Creation, Execution, Purge, Log Clearing, and Information Disclosure via Multiple AJAX Sub-ActionsEPSS 0.3%