Falhas do tipo CWE-862

6.960 resultados
CVE-2026-27021MEDIUMDiscourse: Poll voters endpoint lacked post visibility checksEPSS 0.3%CVE-2026-11992MEDIUMEasy Appointments <= 3.12.27 - Missing Authorization to Authenticated (Author+) Bulk Appointment ManipulationEPSS 0.3%CVE-2024-56002MEDIUMWordPress Contact Form, Survey & Form Builder – MightyForms plugin <= 1.3.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-9954HIGHAcquia DAM - Moderately critical - Access bypass, Information Disclosure - SA-CONTRIB-2025-105EPSS 0.3%CVE-2024-8437MEDIUMWP Easy Gallery – WordPress Gallery Plugin <= 4.8.5 - Missing Authorization to Authenticated (Subscriber+) Gallery ManipulationEPSS 0.3%CVE-2024-5860MEDIUMTickera <= 3.5.2.8 - Missing Authorization to Authenticated (Susbcriber+) Ticket DeletionEPSS 0.3%CVE-2026-22663HIGHprompts.chat Authorization Bypass Information DisclosureEPSS 0.3%CVE-2025-4046HIGHMissing Authorization in Lexmark Cloud Services badge managementEPSS 0.3%CVE-2025-54002MEDIUMWordPress xSmart theme <= 1.2.9.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-69385MEDIUMWordPress Cartify - WooCommerce Gutenberg WordPress Theme theme <= 1.3 - Arbitrary Content Deletion vulnerabilityEPSS 0.3%CVE-2024-13769MEDIUMPuzzles | WP Magazine / Review with Store WordPress Theme + RTL <= 4.2.4 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2025-31876MEDIUMWordPress Payday plugin <= 3.3.18 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-46645MEDIUMSQLAdmin: Authorization Bypass on `ajax_lookup`EPSS 0.3%CVE-2026-28038MEDIUMWordPress Ultimate Addons for WPBakery Page Builder plugin <= 3.21.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-30960HIGHWordPress FS Poster plugin <= 6.5.8 - Subscriber+ Site Wide Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-25997MEDIUMWordPress Sola Support Ticket <= 3.17 - Arbitrary Content Deletion VulnerabilityEPSS 0.3%CVE-2025-62906MEDIUMWordPress Referral Link Tracker plugin <= 1.1.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-44442CRITICALERPNext: Unauthorised Document modification due to missing validationEPSS 0.3%CVE-2024-30528MEDIUMWordPress Spiffy Calendar plugin <= 4.9.10 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-40773MEDIUMWordPress rtMedia for WordPress, BuddyPress and bbPress plugin <= 4.7.9 - Broken Access Control vulnerabilityEPSS 0.3%