Falhas do tipo CWE-862
7.039 resultadosCVE-2025-6106MEDIUMWuKongOpenSource WukongCRM AdminRoleController.java cross-site request forgeryEPSS 0.2%CVE-2025-12356MEDIUMTickera – WordPress Event Ticketing <= 3.5.6.4 - Missing Authorization to Authenticated (Subscriber+) Event/Post Status UpdateEPSS 0.2%CVE-2025-55038HIGHAutomationDirect CLICK PLUS Missing AuthorizationEPSS 0.2%CVE-2024-44156HIGHA path deletion vulnerability was addressed by preventing vulnerable code from running with privileges. This issue is fixed in macOS SequoiaEPSS 0.2%CVE-2026-42174MEDIUMKirby: User avatar creation, replacement and deletion are not gated by user update permissionsEPSS 0.2%CVE-2025-68036HIGHWordPress CubeWP plugin <= 1.1.27 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-67548MEDIUMWordPress WP Delicious plugin <= 1.9.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66070HIGHWordPress wpForo Forum plugin <= 2.4.10 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-14633MEDIUMF70 Lead Document Download <= 1.4.4 - Missing Authorization to Unauthenticated Arbitrary Media File DownloadEPSS 0.2%CVE-2025-67929MEDIUMWordPress TI WooCommerce Wishlist plugin <= 2.10.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-33214MEDIUMWeblate has improper access control for the translation memory APIEPSS 0.2%CVE-2020-10746—A flaw was found in Infinispan (org.infinispan:infinispan-server-runtime) version 10, where it permits local access to controls via both RESEPSS 0.2%CVE-2026-52812HIGHGogs: LFS dedupe path leaks private repo content across tenantsEPSS 0.2%CVE-2026-3567MEDIUMRepairBuddy <= 4.1132 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Modification via wc_rep_shop_settings_submission AJAX ActionEPSS 0.2%CVE-2025-14365MEDIUMEyewear prescription form <= 6.0.1 - Missing Authorization to Unauthenticated Arbitrary WooCommerce Category DeletionEPSS 0.2%CVE-2026-39701MEDIUMWordPress ShopWP plugin <= 5.2.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-49431MEDIUMWordPress MF Plus WPML plugin <= 1.1 - Settings Change VulnerabilityEPSS 0.2%CVE-2025-53997MEDIUMWordPress Houzez theme <= 4.0.4 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-48150MEDIUMWordPress Real Estate Property 2024 Create Your Own Fields and Search Bar WP Plugin plugin <= 4.48 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-49052MEDIUMWordPress Netease Music plugin <= 3.2.1 - Broken Access Control vulnerabilityEPSS 0.2%