Falhas do tipo CWE-862

7.018 resultados
CVE-2025-49989MEDIUMWordPress App Builder plugin <= 5.5.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-3687MEDIUMmisstt123 oasys Sticky Notes cross-site request forgeryEPSS 0.3%CVE-2025-48166MEDIUMWordPress Stop and Block bots plugin Anti bots <= 1.48 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-27708HIGHFOSSBilling: IDOR in Servicecustom Client API allows cross-client data accessEPSS 0.3%CVE-2026-24587MEDIUMWordPress AJAX Hits Counter + Popular Posts Widget plugin <= 0.10.210305 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-32296MEDIUMWordPress Simple Link Directory Pro plugin < 14.8.1 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-53986MEDIUMWordPress Hestia theme <= 3.2.10 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-24561MEDIUMWordPress FluentBoards plugin <= 1.91.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-48155MEDIUMWordPress Residential Address Detection plugin <= 2.5.9 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-43580MEDIUMOpenClaw < 2026.4.10 - Incomplete Navigation Guard Coverage in Browser InteractionsEPSS 0.3%CVE-2025-49394HIGHWordPress Image Gallery block – Create and display photo gallery/photo album. plugin <= 1.0.7 - Broken Authentication vulnerabilityEPSS 0.3%CVE-2023-40209MEDIUMWordPress Highcompress Image Compressor plugin <= 6.0.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-25124MEDIUMOpenEMR has Broken Access Control in Report/Clients/Message List CSV ExportEPSS 0.3%CVE-2025-9484MEDIUMMissing Authorization in GitLabEPSS 0.3%CVE-2025-53959HIGHIn JetBrains YouTrack before 2025.2.86069, 2024.3.85077, 2025.1.86199 email spoofing via an administrative API was possibleEPSS 0.3%CVE-2025-64277MEDIUMWordPress ChatBot plugin <= 7.3.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-35621HIGHOpenClaw < 2026.3.24 - Privilege Escalation via chat.send to Allowlist PersistenceEPSS 0.3%CVE-2024-5987MEDIUMWP Accessibility Helper <= 0.6.2.8 - Missing Authorization to Authenticated (Subscriber+) Limited Settings UpdateEPSS 0.3%CVE-2025-11269MEDIUMProduct Filter by WBW <= 3.0.0 - Missing Authorization to Unauthenticated Settings UpdateEPSS 0.3%CVE-2026-42763MEDIUMWordPress SePay Gateway plugin <= 1.1.20 - Sensitive Data Exposure vulnerabilityEPSS 0.3%