Falhas do tipo CWE-862

6.960 resultados
CVE-2025-42891MEDIUMMissing Authorization check in SAP Enterprise Search for ABAPEPSS 0.3%CVE-2025-66121MEDIUMWordPress SiteGround Security plugin <= 1.5.8 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-24972MEDIUMWordPress Elated Listing plugin <= 1.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-57221MEDIUMRabbitMQ: Passive queue/exchange declaration bypasses authorization checks, leaking queue metadata to unprivileged usersEPSS 0.3%CVE-2025-12027MEDIUMMesmerize Companion <= 1.6.158 - Missing Authorization Authenticated (Subscriber+) Settings UpdateEPSS 0.3%CVE-2026-22486MEDIUMWordPress Re Gallery plugin <= 1.18.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-11894MEDIUMShelf Planner <= 2.8.1 - Missing Authorization to Unauthenticated Settings UpdateEPSS 0.3%CVE-2024-13686MEDIUMVW Storefront <= 0.9.9 - Missing Authorization to Authenticated (Subscriber+) Settings ResetEPSS 0.3%CVE-2025-31882MEDIUMWordPress Webinar Plugin <= 1.33.28 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-2104MEDIUMPage Builder: Pagelayer – Drag and Drop website builder <= 1.9.9 - Missing Authorization to Authenticated (Contributor+) Post PublicationEPSS 0.3%CVE-2025-68073MEDIUMWordPress GDPR CCPA Compliance Support plugin <= 2.7.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-54005HIGHKirby: `pages.access` permission is not checked in the `site/find` REST API routeEPSS 0.3%CVE-2025-68503MEDIUMWordPress JetBlog plugin <= 2.4.7 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-64639MEDIUMWordPress WP Compress for MainWP plugin <= 6.50.17 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-50034MEDIUMWordPress Enhanced Blocks – Page Builder Blocks for Gutenberg plugin <= 1.4.1 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-2779MEDIUMInsert Headers and Footers Code – HT Script <= 1.1.2 - Missing Authorization to Authenticated (Subscriber+) Limited Options UpdateEPSS 0.3%CVE-2025-22629MEDIUMWordPress iNET Webkit Plugin <= 1.2.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-64137MEDIUMA missing permission check in Jenkins Themis Plugin 1.4.1 and earlier allows attackers with Overall/Read permission to connect to an attackeEPSS 0.3%CVE-2024-4102MEDIUMPricing Table <= 2.0.1 - Missing AuthorizationEPSS 0.3%CVE-2025-67977HIGHWordPress HAPPY plugin <= 1.0.8 - Broken Access Control vulnerabilityEPSS 0.3%