Falhas do tipo CWE-862
7.017 resultadosCVE-2025-20302MEDIUMCisco Secure Firewall Management Center Software Authorization Bypass VulnerabilityEPSS 0.3%CVE-2025-11894MEDIUMShelf Planner <= 2.8.1 - Missing Authorization to Unauthenticated Settings UpdateEPSS 0.3%CVE-2025-42891MEDIUMMissing Authorization check in SAP Enterprise Search for ABAPEPSS 0.3%CVE-2025-50034MEDIUMWordPress Enhanced Blocks – Page Builder Blocks for Gutenberg plugin <= 1.4.1 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-2104MEDIUMPage Builder: Pagelayer – Drag and Drop website builder <= 1.9.9 - Missing Authorization to Authenticated (Contributor+) Post PublicationEPSS 0.3%CVE-2026-9014MEDIUMWP Promoter <= 1.3 - Missing Authorization to Unauthenticated Statistics Reset via wpp-reset_stats AJAX ActionEPSS 0.3%CVE-2025-66736HIGHyoulai-boot V2.21.1 is vulnerable to Incorrect Access Control. The importUsers function in SysUserController.java does not perform a permissEPSS 0.3%CVE-2023-48761MEDIUMWordPress JetElements For Elementor plugin <= 2.6.13 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-28254MEDIUMMissing Authorization vulnerability in Trane Tracer SC, Tracer SC+, and Tracer ConciergeEPSS 0.3%CVE-2025-59416HIGHThe Scratch Channel forks can publish articlesEPSS 0.3%CVE-2025-52775HIGHWordPress Project Cost Calculator Plugin <= 1.0.0 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2023-4302MEDIUMMissing permission checks in Fortify Plugin allow capturing credentialsEPSS 0.3%CVE-2025-52554MEDIUMn8n Improper Authorization in Workflow Execution Stop Endpoint Allows Terminating Other Users’ WorkflowsEPSS 0.3%CVE-2025-14079MEDIUMELEX WordPress HelpDesk & Customer Ticketing System <= 3.3.5 - Missing Authorization to Authenticated (Subscriber+) Settings UpdateEPSS 0.3%CVE-2025-62922MEDIUMWordPress Export Categories plugin <= 1.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2022-47339MEDIUMIn cmd services, there is a OS command injection issue due to missing permission check. This could lead to local escalation of privilege witEPSS 0.3%CVE-2026-28554MEDIUMwpForo Forum 2.4.14 Missing Authorization via Post Approval AJAX HandlerEPSS 0.3%CVE-2024-55072MEDIUMA Broken Object Level Authorization vulnerability in the component /api/users/{user-id} of hay-kot mealie v2.2.0 allows users to edit their EPSS 0.3%CVE-2026-28555MEDIUMwpForo Forum 2.4.14 Missing Authorization via Topic Close AJAX HandlerEPSS 0.3%CVE-2024-12855MEDIUMAdForest - Classified Ads WordPress Theme <= 5.1.7 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post/Attachment DeletionEPSS 0.3%