Falhas do tipo CWE-862

7.033 resultados
CVE-2026-25323MEDIUMWordPress OSM plugin <= 6.1.12 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-24108MEDIUMAn access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.3. An app may be able to access EPSS 0.2%CVE-2026-32438MEDIUMWordPress VW School Education theme <= 1.4.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2023-26002MEDIUMWordPress 6Storage Rentals <= 2.19.5 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-57640MEDIUMWordPress MasterStudy LMS plugin <= 3.7.30 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-57830HIGHJoomla Extension - joomshaper.com - Unauthenticated arbitrary file deletion in Helix Ultimate < 2.2.7EPSS 0.2%CVE-2025-0856HIGHPGS Core <= 5.8.0 - Missing Authorization via Multiple FunctionsEPSS 0.2%CVE-2026-32427MEDIUMWordPress VW Education Lite plugin <= 2.2.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-40723MEDIUMWordPress Bricks Builder theme <= 2.1.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-22721MEDIUMWordPress ApplyOnline plugin <= 2.6.7.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25395MEDIUMWordPress Business Roy theme <= 1.1.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32437MEDIUMWordPress VW Portfolio theme <= 1.3.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-4327MEDIUMMRCMS cross-site request forgeryEPSS 0.2%CVE-2026-34247MEDIUMAVideo's IDOR in uploadPoster.php Allows Any Authenticated User to Overwrite Scheduled Live Stream Posters and Trigger False Socket NotificationsEPSS 0.2%CVE-2025-22779MEDIUMWordPress WP News Sliders plugin <= 1.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-2601MEDIUMMissing Authorization in GitLabEPSS 0.2%CVE-2025-43838MEDIUMWordPress Custom PC Builder Lite for WooCommerce <= 1.0.1 - Settings Change VulnerabilityEPSS 0.2%CVE-2025-63078MEDIUMWordPress Restaurant Menu by MotoPress plugin <= 2.4.11 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-8689MEDIUMVisualizer: Tables and Charts Manager for WordPress <= 3.11.14 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Chart Creation and Modification via renderChartPages() and uploadData() FunctionsEPSS 0.2%CVE-2023-7290MEDIUMPaytium: Mollie payment forms & donations <= 4.3.7 - Missing Authorization in 'check_for_verified_profiles'EPSS 0.2%