Falhas do tipo CWE-862
7.018 resultadosCVE-2025-57990MEDIUMWordPress Blog Designer Plugin <= 3.1.8 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-52785HIGHWordPress SMM API plugin <= 6.0.31 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-50026MEDIUMFrappe: Lack of permissions checks in 'relink' and 'set_email_password' endpointsEPSS 0.3%CVE-2026-25164HIGHOpenEMR's Document and Insurance REST Endpoints Skip ACLEPSS 0.3%CVE-2025-39580MEDIUMWordPress Dashi plugin <= 3.1.8 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-57991MEDIUMWordPress Clariti Plugin <= 1.2.1 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2024-42372MEDIUMMissing Authorization check in SAP NetWeaver AS Java (System Landscape Directory)EPSS 0.3%CVE-2026-24575MEDIUMWordPress WishList Member X plugin <= 3.29.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-3979MEDIUMdazhouda lecms Password Change index.php cross-site request forgeryEPSS 0.3%CVE-2026-6834HIGHaEnrich|a+HRD - Missing AuthorizationEPSS 0.3%CVE-2026-1906MEDIUMPDF Invoices & Packing Slips for WooCommerce <= 5.6.0 - Missing Authorization to Authenticated (Subscriber+) Peppol Identifier ModificationEPSS 0.3%CVE-2025-3964MEDIUMwithstars Books-Management-System Article del cross-site request forgeryEPSS 0.3%CVE-2025-31878MEDIUMWordPress UPC/EAN/GTIN Code Generator plugin <= 2.0.2 - Settings Change vulnerabilityEPSS 0.3%CVE-2025-6171MEDIUMMissing Authorization in GitLabEPSS 0.3%CVE-2025-3959MEDIUMwithstars Books-Management-System reader_delete.html cross-site request forgeryEPSS 0.3%CVE-2026-57622MEDIUMWordPress WPCafe plugin <= 3.0.14 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-59227MEDIUMOpen WebUI: POST /api/v1/images/edit bypasses the global image-edit switch and the per-user image-generation permissionEPSS 0.3%CVE-2025-62944MEDIUMWordPress MSTW CSV EXPORTER plugin <= 1.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-4571MEDIUMGiveWP – Donation Plugin and Fundraising Platform <= 4.3.0 - Missing Authorization To Authenticated (Contributor+) Campaign Data View And ModificationEPSS 0.3%CVE-2025-15235HIGHQuanta Computer|QOCA aim AI Medical Cloud Platform - Missing AuthorizationEPSS 0.3%