Falhas do tipo CWE-862

7.033 resultados
CVE-2026-5228HIGHImproper Access Control in Kurt Software Studio's WriteUp Mobile AppEPSS 0.2%CVE-2025-64148MEDIUMA missing permission check in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers with Overall/Read permission to enumerateEPSS 0.2%CVE-2025-66142MEDIUMWordPress Comparimager for Elementor plugin <= 1.0.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66141MEDIUMWordPress Scroller plugin <= 2.0.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-23955MEDIUMWordPress Xola plugin <= 1.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-23954MEDIUMWordPress Salvador – AI Image Generator plugin <= 1.0.11 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66136MEDIUMWordPress Carter for Elementor plugin <= 1.0.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-13414MEDIUMChamber Dashboard Business Directory <= 3.3.11 - Missing Authorization to Unauthenticated Business Information ExportEPSS 0.2%CVE-2025-23930MEDIUMWordPress PayPal Marketing Solutions plugin <= 1.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-4128MEDIUMTP Restore Categories And Taxonomies <= 1.0.1 - Missing Authorization to Authenticated (Subscriber+) Taxonomy Deletion via 'tpmcattt_delete_term' AJAX ActionEPSS 0.2%CVE-2025-23929MEDIUMWordPress Email Capture & Lead Generation Plugin <= 1.0.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68542MEDIUMWordPress Checkout Gateway for IRIS plugin <= 1.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-1925MEDIUMEmailKit – Email Customizer for WooCommerce & WP <= 1.6.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Title ModificationEPSS 0.2%CVE-2025-26765MEDIUMWordPress Distance Based Shipping Calculator plugin <= 2.0.22 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-23962MEDIUMWordPress Goldstar plugin <= 2.1.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-43788MEDIUMThe organization selector in Liferay Portal 7.4.0 through 7.4.3.124, and Liferay DXP 2024.Q1.1 through 2024.Q1.12 and 7.4 update 81 through EPSS 0.2%CVE-2026-5025MEDIUMLangflow - Application Logs Exposed to All Authenticated UsersEPSS 0.2%CVE-2025-31603MEDIUMWordPress CF7 Spreadsheets plugin <= 2.3.2 - Settings Change vulnerabilityEPSS 0.2%CVE-2025-57975MEDIUMWordPress Team Plugin <= 5.0.6 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-12655MEDIUMHippoo Mobile App for WooCommerce <= 1.7.1 - Missing Authorization to Unauthenticated Limited File WriteEPSS 0.2%