Falhas do tipo CWE-862
6.960 resultadosCVE-2023-32240MEDIUMWordPress Woodmart theme <= 7.2.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-1720HIGHWowOptin: Next-Gen Popup Maker – Create Stunning Popups and Optins for Lead Generation <= 1.4.24 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin InstallationEPSS 0.3%CVE-2025-59017MEDIUMBroken Access Control in Backend AJAX RoutesEPSS 0.3%CVE-2024-13703MEDIUMCRM and Lead Management by vcita <= 2.7.5 - Missing Authorization to Authenticated (Susbcriber+) Widget ToggleEPSS 0.3%CVE-2024-12244MEDIUMMissing Authorization in GitLabEPSS 0.3%CVE-2025-57605HIGHLack of server-side authorisation on department admin assignment APIs in AiKaan IoT Platform allows authenticated users to elevate their priEPSS 0.3%CVE-2024-9671MEDIUMSystem: pdf invoices of the developer users can be seen if the url is knownEPSS 0.3%CVE-2026-3977MEDIUMprojectsend AJAX Endpoints authorizationEPSS 0.3%CVE-2025-67563MEDIUMWordPress Post SMTP plugin <= 3.6.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-40837HIGHEricsson Indoor Connect 8855 - Missing Authorization VulnerabilityEPSS 0.3%CVE-2025-1408MEDIUMProfileGrid – User Profiles, Groups and Communities <= 5.9.4.4 - Missing Authorinzation to Authenticated (Subscriber+) Join Group Requests ManagementEPSS 0.3%CVE-2026-3462MEDIUMFrisbii Pay <= 1.8.9 - Missing Authorization to Authenticated (Subscriber+) Payment Token ModificationEPSS 0.3%CVE-2026-4019MEDIUMComplianz – GDPR/CCPA Cookie Consent <= 7.4.5 - Missing Authorization to Unauthenticated Private Post Content Disclosure via Consent Area REST EndpointEPSS 0.3%CVE-2025-62033MEDIUMWordPress Togo theme < 1.0.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-7289MEDIUMPaytium: Mollie payment forms & donations <= 4.3.7 - Missing Authorization in 'paytium_sw_save_api_keys'EPSS 0.3%CVE-2026-2238MEDIUMMissing Authorization in GitLabEPSS 0.3%CVE-2025-66143MEDIUMWordPress Crumber plugin <= 1.0.10 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-57632MEDIUMWordPress Email Marketing for WooCommerce by Omnisend plugin <= 1.19.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-48272MEDIUMWordPress WP Job Portal plugin <= 2.3.2 - Insecure Direct Object References (IDOR) VulnerabilityEPSS 0.3%CVE-2025-49432MEDIUMWordPress Ultimate Video Player Plugin <= 10.1 - Broken Access Control VulnerabilityEPSS 0.3%