Falhas do tipo CWE-862

7.019 resultados
CVE-2026-31834HIGHUmbraco Affected by Vertical Privilege Escalation via Missing Authorization ChecksEPSS 0.3%CVE-2025-53304MEDIUMWordPress Contact Form – 7 : Hide Success Message plugin <= 1.1.4 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-53295MEDIUMWordPress iCount Payment Gateway plugin <= 2.0.7 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-49920MEDIUMWordPress Web Accessibility By accessiBe plugin <= 2.10 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-30934MEDIUMWordPress 診断ジェネレータ作成プラグイン plugin <= 1.4.16 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-52803HIGHWordPress Sala theme <= 1.1.3 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-9132MEDIUMMissing authorization vulnerability in GitHub Enterprise Server allowed disclosure of private repository contents via the Copilot pull request diff summary endpointEPSS 0.3%CVE-2024-12253MEDIUMSimple Ecommerce Shopping Cart Plugin- Sell products through Paypal <= 3.1.2 - Missing Authorization to Authenticated (Subscriber+) Settings Update / Data AccessEPSS 0.3%CVE-2025-52804HIGHWordPress Nuss theme <= 1.3.7.1 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-62976MEDIUMWordPress Sendle Shipping plugin <= 6.02 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-68834HIGHWordPress Sync Master Sheet – Product Sync with Google Sheet for WooCommerce plugin <= 1.1.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-36756MEDIUMDevice Takeover vulnerability in SolaX CloudEPSS 0.3%CVE-2026-0272MEDIUMPAN-OS: Privilege Escalation (PE) Vulnerability in the Command Line Interface (CLI)EPSS 0.3%CVE-2025-64384MEDIUMWordPress JetFormBuilder plugin <= 3.5.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-56104HIGHChainlit < 2.10.1 Session Hijacking via WebSocket Session RestorationEPSS 0.3%CVE-2026-22492MEDIUMWordPress Docket Cache plugin <= 24.07.04 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-47560MEDIUMWordPress MapSVG plugin < 8.6.13 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-61442HIGHPraisonAI Platform before 0.1.9 Authorization Bypass via PATCHEPSS 0.3%CVE-2025-14482MEDIUMCrush.pics Image Optimizer <= 1.8.7 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings UpdateEPSS 0.3%CVE-2026-57332HIGHWordPress Wallet System for WooCommerce plugin <= 2.7.6 - Broken Access Control vulnerabilityEPSS 0.3%