Falhas do tipo CWE-862
6.960 resultadosCVE-2025-63049MEDIUMWordPress ListingPro Lead Form plugin <= 1.0.7 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-14895MEDIUMPopupKit <= 2.2.0 - Missing Authorization to Sensitive Information Disclosure and Data DeletionEPSS 0.3%CVE-2026-6441MEDIUMCanto <= 3.1.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Setting ModificationEPSS 0.3%CVE-2025-69220HIGHLibreChat has Insufficient Access Control for Agent FilesEPSS 0.3%CVE-2024-34691MEDIUMMissing Authorization check in SAP S/4HANA (Manage Incoming Payment Files)EPSS 0.3%CVE-2025-68058HIGHWordPress Institutions Directory plugin <= 1.3..4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-25441MEDIUMWordPress LeadConnector plugin <= 3.0.21 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-62754MEDIUMWordPress Payment Gateway bKash for WC plugin <= 3.1.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-39685MEDIUMWordPress The Moneytizer plugin <= 10.0.10 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-13416MEDIUMProfileGrid – User Profiles, Groups and Communities <= 5.9.7.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User SuspensionEPSS 0.3%CVE-2026-23632MEDIUMGogs user can update repository content with read-only permissionEPSS 0.3%CVE-2019-25351HIGHCentova Cast 3.2.11 - Arbitrary File DownloadEPSS 0.3%CVE-2025-49961MEDIUMWordPress Breeze Checkout plugin <= 1.4.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-34737MEDIUMAVideo: Arbitrary Stripe Subscription Cancellation via Debug Endpoint and retrieveSubscriptions() BugEPSS 0.3%CVE-2025-1668MEDIUMSchool Management System – WPSchoolPress <= 2.2.16 - Missing Authorization to Arbitrary User DeletionEPSS 0.3%CVE-2024-56272MEDIUMWordPress Hide Category by User Role for WooCommerce plugin <= 2.1.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-12593HIGHPrivilege escalation via forged API token creation in Axivion Dashboard OIDC/OAuth2/SSO subsystemEPSS 0.3%CVE-2026-54019MEDIUMOpen WebUI: RAG ACL Bypass in Milvus Multitenancy ModeEPSS 0.3%CVE-2026-0692HIGHBlueSnap Payment Gateway for WooCommerce <= 3.4.0 - Missing Authorization to Unauthenticated Arbitrary Order Status ManipulationEPSS 0.3%CVE-2024-13651MEDIUMRapidLoad – Optimize Web Vitals Automatically <= 2.4.4 - Missing Authorization to Authenticated (Subscriber+) Limited Setting ResetEPSS 0.3%