Falhas do tipo CWE-862
6.793 resultadosCVE-2022-36068HIGHDiscourse moderators can edit themes via the APIEPSS 0.7%CVE-2022-31595—SAP Financial Consolidation - version 1010,�does not perform necessary authorization checks for an authenticated user, resulting in escalatiEPSS 0.7%CVE-2025-14155MEDIUMPremium Addons for Elementor <= 4.11.53 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'get_template_content'EPSS 0.7%CVE-2022-41929MEDIUMMissing Authorization in User#setDisabledStatus in org.xwiki.platform:xwiki-platform-oldcoreEPSS 0.7%CVE-2023-30486MEDIUMWordPress Square theme <= 2.0.0 - Broken Access ControlEPSS 0.7%CVE-2024-21216CRITICALVulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected areEPSS 0.7%CVE-2026-27181HIGHMajorDoMo Unauthenticated Module Uninstall via Market EndpointEPSS 0.7%CVE-2023-28657HIGHImproper access control vulnerability exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. A user of the PC where the affected prodEPSS 0.7%CVE-2024-45461MEDIUMApache CloudStack Quota plugin: Access checks not enforced in QuotaEPSS 0.7%CVE-2023-1865MEDIUMYourChannel <= 1.2.3 - Missing Authorization to Plugin Settings ResetEPSS 0.7%CVE-2024-12594HIGHALL In One Custom Login Page <= 7.1.1 - Missing Authorization to Authenticated (Subscriber+)Privilege EscalationEPSS 0.7%CVE-2019-25143MEDIUMGDPR Cookie Compliance <= 4.0.2 - Missing AuthorizationEPSS 0.7%CVE-2024-11643HIGHAccessibility by AllAccessible <= 1.3.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Option UpdateEPSS 0.7%CVE-2022-2732HIGHMissing Authorization in openemr/openemrEPSS 0.7%CVE-2025-10690CRITICALGoza - Nonprofit Charity WordPress Theme <= 3.2.2 - Missing Authorization to Unauthenticated Arbitrary File Upload via Plugin InstallationEPSS 0.7%CVE-2022-46838CRITICALWordPress JS Help Desk plugin <= 2.7.1 - Unauthenticated Settings Change VulnerabilityEPSS 0.7%CVE-2024-12544HIGHSurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any complexity <= 1.12.17 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Deletion via SurveyJS_DeleteFileEPSS 0.7%CVE-2022-4366MEDIUMMissing Authorization in lirantal/daloradiusEPSS 0.7%CVE-2026-32583MEDIUMWordPress Modern Events Calendar plugin <= 7.29.0 - Broken Access Control vulnerabilityEPSS 0.7%CVE-2021-24842—Bulk Datetime Change < 1.12 - Missing AuthorisationEPSS 0.7%