Falhas do tipo CWE-862

7.017 resultados
CVE-2025-41339HIGHMissing Authorization vulnerability in CanalDenuncia.appEPSS 0.3%CVE-2025-12027MEDIUMMesmerize Companion <= 1.6.158 - Missing Authorization Authenticated (Subscriber+) Settings UpdateEPSS 0.3%CVE-2026-54005HIGHKirby: `pages.access` permission is not checked in the `site/find` REST API routeEPSS 0.3%CVE-2025-68073MEDIUMWordPress GDPR CCPA Compliance Support plugin <= 2.7.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-50034MEDIUMWordPress Enhanced Blocks – Page Builder Blocks for Gutenberg plugin <= 1.4.1 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-57221MEDIUMRabbitMQ: Passive queue/exchange declaration bypasses authorization checks, leaking queue metadata to unprivileged usersEPSS 0.3%CVE-2025-2719MEDIUMSwatchly – WooCommerce Variation Swatches for Products (product attributes: Image swatch, Color swatches, Label swatches) 1.2.8 - 1.4.0 - Missing Authorization to Authenticated (Subscriber+) Limited Options UpdateEPSS 0.3%CVE-2025-2104MEDIUMPage Builder: Pagelayer – Drag and Drop website builder <= 1.9.9 - Missing Authorization to Authenticated (Contributor+) Post PublicationEPSS 0.3%CVE-2025-11894MEDIUMShelf Planner <= 2.8.1 - Missing Authorization to Unauthenticated Settings UpdateEPSS 0.3%CVE-2025-42891MEDIUMMissing Authorization check in SAP Enterprise Search for ABAPEPSS 0.3%CVE-2025-2779MEDIUMInsert Headers and Footers Code – HT Script <= 1.1.2 - Missing Authorization to Authenticated (Subscriber+) Limited Options UpdateEPSS 0.3%CVE-2025-31882MEDIUMWordPress Webinar Plugin <= 1.33.28 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-22486MEDIUMWordPress Re Gallery plugin <= 1.18.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-67977HIGHWordPress HAPPY plugin <= 1.0.8 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-66121MEDIUMWordPress SiteGround Security plugin <= 1.5.8 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-37210MEDIUMWordPress AliExpress Dropshipping with AliNext Lite plugin <= 3.3.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-20302MEDIUMCisco Secure Firewall Management Center Software Authorization Bypass VulnerabilityEPSS 0.3%CVE-2025-64137MEDIUMA missing permission check in Jenkins Themis Plugin 1.4.1 and earlier allows attackers with Overall/Read permission to connect to an attackeEPSS 0.3%CVE-2026-24972MEDIUMWordPress Elated Listing plugin <= 1.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-68503MEDIUMWordPress JetBlog plugin <= 2.4.7 - Broken Access Control vulnerabilityEPSS 0.3%