Falhas do tipo CWE-862

7.039 resultados
CVE-2026-22458MEDIUMWordPress Wanderland theme <= 1.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-3863MEDIUMPost Carousel Slider for Elementor <= 1.6.0 - Authenticated (Subscriber+) Missing Authorization via process_wbelps_promo_form FunctionEPSS 0.2%CVE-2026-53730HIGHDataEase: Unauthorized Access to Engine Database via previewSql EndpointEPSS 0.2%CVE-2025-69031MEDIUMWordPress Arcane theme <= 3.6.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-35443MEDIUMNamelessMC: Forum reactions bypass the "view own topics only" restrictionEPSS 0.2%CVE-2025-49339MEDIUMWordPress Direct Payments WP plugin <= 1.3.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66082MEDIUMWordPress WpEvently plugin <= 5.0.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-31841MEDIUMWordPress FPW Category Thumbnails Plugin <= 1.9.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32658HIGHDell Automation Platform versions prior to 2.0.0.0, contains a missing authorization vulnerability. A low privileged attacker with remote acEPSS 0.2%CVE-2026-25410MEDIUMWordPress WP-CORS plugin <= 0.2.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-58448HIGHyudao-cloud < 2026.06 - BPM Module Broken Access Control via process-instance APIEPSS 0.2%CVE-2026-60118MEDIUMHi.Events < 1.11.0 Hidden Ticket Enumeration via Order Creation EndpointEPSS 0.2%CVE-2026-24524MEDIUMWordPress Tablesome plugin <= 1.2.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-59853MEDIUMSiYuan: Publish-mode Reader can exfiltrate private saved-search Criteria via /api/storage/getCriteria (missing publish-access filter)EPSS 0.2%CVE-2025-66080MEDIUMWordPress WP Cookie Notice for GDPR, CCPA & ePrivacy Consent plugin <= 4.0.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-24588MEDIUMWordPress Smart Product Viewer plugin <= 1.5.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62019MEDIUMWordPress Recipe Card Blocks for Gutenberg & Elementor plugin <= 3.4.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-67973MEDIUMWordPress Sunshine Photo Cart plugin <= 3.5.6.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68050MEDIUMWordPress Leadpages plugin <= 1.1.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-1528MEDIUMSearch and filter pro <= 2.5.19 - Missing Authorization to Authenticated (Subscriber+) Post Meta ExposureEPSS 0.2%