Falhas do tipo CWE-862

7.023 resultados
CVE-2026-55417MEDIUMChevereto private profile setting leaks username on /json endpointEPSS 0.2%CVE-2025-13317MEDIUMAppointment Booking Calendar <= 1.3.96 - Missing Authorization to Arbitrary Booking Confirmation via 'cpabc_ipncheck' ParameterEPSS 0.2%CVE-2025-58986MEDIUMWordPress Jock On Air Now (JOAN) plugin <= 6.0.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-34245MEDIUMAVideo's Missing Authorization in Playlist Schedule Creation Allows Cross-User Broadcast HijackingEPSS 0.2%CVE-2025-66525MEDIUMWordPress Elastic Email Sender plugin <= 1.2.20 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-41128MEDIUMCraft CMS has a Missing Authorization Check on User Group Removal via save-permissions ActionEPSS 0.2%CVE-2025-62972MEDIUMWordPress WebinarPress plugin <= 1.33.28 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-10860MEDIUMNextMove Lite – Thank You Page for WooCommerce <= 2.19.0 - Missing Authorization to Authenticated (Subscriber+) Deactivation Reason SubmissionEPSS 0.2%CVE-2025-53291MEDIUMWordPress Spreadconnect plugin <= 2.1.5 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-15369MEDIUMXpro Addons — 140+ Widgets for Elementor <= 1.5.0 - Missing Authorization to Unauthenticated Xpro Template CreationEPSS 0.2%CVE-2025-60103MEDIUMWordPress ListingPro plugin <= 2.9.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-57395MEDIUMWordPress Tourfic plugin <= 2.22.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-60097MEDIUMWordPress TheGem Theme <= 5.10.5 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-58650MEDIUMWordPress All In One SEO Pack Plugin <= 4.8.7.1 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-68534MEDIUMWordPress PDF for WPForms plugin <= 6.3.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-2992HIGHKiviCare <= 4.1.2 - Missing Authorization to Unauthenticated Privilege Escalation via Setup WizardEPSS 0.2%CVE-2026-3582MEDIUMIncorrect Authorization in GitHub Enterprise Server allows access to issue and commit search results without repo scopeEPSS 0.2%CVE-2025-66532MEDIUMWordPress Powerlift theme < 3.2.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-60096MEDIUMWordPress TheGem (Elementor) Theme <= 5.10.5 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-7756MEDIUMcode-projects E-Commerce Site cross-site request forgeryEPSS 0.2%