Falhas do tipo CWE-862

7.018 resultados
CVE-2026-1930MEDIUMEmailchef <= 3.5.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings DeletionEPSS 0.3%CVE-2026-28070MEDIUMWordPress WP eMember plugin <= v10.2.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-31921HIGHWordPress Product Rearrange for WooCommerce plugin <= 1.2.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-32126HIGHOpenEMR: Inverted ACL Condition in CDR ControllerRouter Allows Any Authenticated User to Modify/Delete Clinical Rules and PlansEPSS 0.3%CVE-2025-57990MEDIUMWordPress Blog Designer Plugin <= 3.1.8 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-12887MEDIUMPost SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App <= 3.6.1 - Missing Authorization to Authenticated (Subscriber+) OAuth Token UpdateEPSS 0.3%CVE-2026-45350HIGHOpen WebUI: Chat completion API allows tool restrictions to be bypassedEPSS 0.3%CVE-2026-42226HIGHn8n: Credential Authorization Bypass in dynamic-node-parameters Allows Foreign API Key ReplayEPSS 0.3%CVE-2025-57991MEDIUMWordPress Clariti Plugin <= 1.2.1 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-52785HIGHWordPress SMM API plugin <= 6.0.31 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-15115MEDIUMPetlibro Smart Pet Feeder Platform through 1.7.31 Authentication Bypass via API endpointEPSS 0.3%CVE-2026-50026MEDIUMFrappe: Lack of permissions checks in 'relink' and 'set_email_password' endpointsEPSS 0.3%CVE-2025-58334HIGHIn JetBrains IDE Services before 2025.5.0.1086, 2025.4.2.2164 users without appropriate permissions could assign high-privileged role for tEPSS 0.3%CVE-2025-22280HIGHWordPress DefendWP Firewall Plugin <= 1.1.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-27356MEDIUMWordPress Sticky Header On Scroll plugin <= 1.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-5282HIGHWP Travel Engine <= 6.5.1 - Missing Authorization to Unauthenticated Arbitrary Post DeletionEPSS 0.3%CVE-2026-25164HIGHOpenEMR's Document and Insurance REST Endpoints Skip ACLEPSS 0.3%CVE-2026-53866HIGHOpenClaw < 2026.5.12 - Allowlist Bypass in Shell Inline-Command ParsingEPSS 0.3%CVE-2024-42372MEDIUMMissing Authorization check in SAP NetWeaver AS Java (System Landscape Directory)EPSS 0.3%CVE-2026-42071HIGHMantisBT: Private Bugnote Attachment Content Leak via REST APIEPSS 0.3%