Falhas do tipo CWE-862

7.024 resultados
CVE-2026-7249MEDIUMLocation Weather <= 3.0.2 - Missing Authorization to Authenticated (Contributor+) Block Settings Modification and Cache PurgingEPSS 0.2%CVE-2025-31386MEDIUMWordPress Simple:Press plugin <= 6.11.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-24957MEDIUMWordPress Strong Testimonials plugin <= 3.2.20 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68534MEDIUMWordPress PDF for WPForms plugin <= 6.3.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-67976MEDIUMWordPress Watu Quiz plugin <= 3.4.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-44555HIGHOpen WebUI: Base Model Routing Bypasses Access Control via Model ChainingEPSS 0.2%CVE-2025-0067MEDIUMMissing Authorization check in SAP NetWeaver Application Server JavaEPSS 0.2%CVE-2025-60096MEDIUMWordPress TheGem (Elementor) Theme <= 5.10.5 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-57395MEDIUMWordPress Tourfic plugin <= 2.22.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25368MEDIUMWordPress Calculated Fields Form plugin <= 5.4.4.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-2306MEDIUMNinja Tables <= 5.2.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Table CreationEPSS 0.2%CVE-2025-7756MEDIUMcode-projects E-Commerce Site cross-site request forgeryEPSS 0.2%CVE-2025-15369MEDIUMXpro Addons — 140+ Widgets for Elementor <= 1.5.0 - Missing Authorization to Unauthenticated Xpro Template CreationEPSS 0.2%CVE-2025-53291MEDIUMWordPress Spreadconnect plugin <= 2.1.5 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-60103MEDIUMWordPress ListingPro plugin <= 2.9.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68837MEDIUMWordPress ELEX WordPress HelpDesk & Customer Ticketing System plugin <= 3.3.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-12783MEDIUMPremmerce Brands for WooCommerce <= 1.2.13 - Missing Authorization To Authenticated (Subscriber+) Brand Permalink Settings UpdateEPSS 0.2%CVE-2024-10860MEDIUMNextMove Lite – Thank You Page for WooCommerce <= 2.19.0 - Missing Authorization to Authenticated (Subscriber+) Deactivation Reason SubmissionEPSS 0.2%CVE-2026-24941HIGHWordPress WP Job Portal plugin <= 2.4.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62972MEDIUMWordPress WebinarPress plugin <= 1.33.28 - Broken Access Control vulnerabilityEPSS 0.2%