Falhas do tipo CWE-862

7.039 resultados
CVE-2026-54828HIGHWordPress Motors plugin <= 1.4.109 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-69298HIGHWordPress Gauge theme <= 6.56.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2023-47757MEDIUMWordPress AWeber Plugin <= 7.3.9 is vulnerable to Broken Access ControlEPSS 0.2%CVE-2026-40592MEDIUMFreeScout's cross-user undo reply allows mailbox peers to recall another agent's outbound replyEPSS 0.2%CVE-2026-11607HIGHTYPO3 CMS - Broken Access Control in Form FrameworkEPSS 0.2%CVE-2025-47444MEDIUMWordPress FiboSearch plugin <= 1.32.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-47343HIGHTYPO3 CMS - Destructive Actions on File Mount FoldersEPSS 0.2%CVE-2026-58167HIGHNightingale < 9.0.0-beta.2 - Datasource Credential Disclosure to Low-Privilege UsersEPSS 0.2%CVE-2025-62017MEDIUMWordPress Kallyas theme <= 4.22.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-48873HIGHWordPress Montonio for WooCommerce plugin <= 10.1.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-8614MEDIUMAssistio <= 1.1.2 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Deletion via assistio_plugin_delete_assistio_settings AJAX ActionEPSS 0.2%CVE-2026-45442MEDIUMWordPress Presto Player plugin <= 4.1.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-41192HIGHFreeScout's client-controlled attachment IDs allow deletion of existing conversation attachmentsEPSS 0.2%CVE-2026-47349MEDIUMTYPO3 CMS - Broken Access Control in RecyclerEPSS 0.2%CVE-2026-47352MEDIUMTYPO3 CMS - Broken Access Control in Backend APIEPSS 0.2%CVE-2025-60165MEDIUMWordPress Frames Theme <= 1.5.7 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-49070HIGHWordPress Knit Pay plugin <= 9.4.0.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-1935MEDIUMCompany Posts for LinkedIn <= 1.0.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary LinkedIn Post Data DeletionEPSS 0.2%CVE-2026-44563MEDIUMOpen WebUI: Ollama Model Access Control Bypass via /api/generate, /api/embed, /api/embeddings, and /api/showEPSS 0.2%CVE-2026-47350MEDIUMTYPO3 CMS - Broken Access Control in DataHandlerEPSS 0.2%