Falhas do tipo CWE-862

7.050 resultados
CVE-2024-13715MEDIUMzStore Manager Basic <= 3.311 - Missing Authorization to Authenticated (Subscriber+) Cache ClearingEPSS 0.2%CVE-2026-27398MEDIUMWordPress RSVP and Event Management plugin <= 2.7.16 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-0515MEDIUMBuzz Club – Night Club, DJ and Music Festival Event WordPress Theme <= 2.0.4 - Missing Authorization to Authenticated (Subscriber+) Limited Arbitrary Option UpdateEPSS 0.2%CVE-2026-56695HIGHOpenHarness - Cross-Session Disclosure via /resume and /summary CommandsEPSS 0.2%CVE-2023-45245LOWSensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) beEPSS 0.2%CVE-2026-2720MEDIUMHr Press Lite <= 1.0.2 - Missing Authorization to Authenticated (Subscriber+) Sensitive Employee Information ExposureEPSS 0.2%CVE-2026-39655MEDIUMWordPress Mayosis Core plugin <= 5.4.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-24592MEDIUMWordPress Auto Affiliate Links plugin <= 6.8.8.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-8739MEDIUMzhenfeng13 My-Blog save cross-site request forgeryEPSS 0.2%CVE-2026-1631MEDIUMFeeds for YouTube < 2.6.4 - Subscriber+ License Data DeletionEPSS 0.2%CVE-2026-29072HIGHDiscourse missing permission check for policy creation in discourse-policyEPSS 0.2%CVE-2026-49821HIGHFission: Cross-namespace Environment reference in Package allows build-time command execution and SA token exfiltrationEPSS 0.2%CVE-2026-25768HIGHLavinMQ is missing vhost access controlEPSS 0.2%CVE-2026-57949HIGHruoyi-vue-pro - Missing Authorization in CRM Follow-up Record GET EndpointEPSS 0.2%CVE-2026-27357MEDIUMWordPress WP Search Analytics plugin < 1.5.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25431MEDIUMWordPress Hustle plugin <= 7.8.10.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-13404MEDIUMatec Duplicate Page & Post <= 1.2.20 - Missing Authorization to Authenticated (Contributor+) Arbitrary Post Duplication and Data ExposureEPSS 0.2%CVE-2024-8860MEDIUMTourfic <= 2.14.5 - Missing Authorization in Multiple FunctionsEPSS 0.2%CVE-2025-59559MEDIUMWordPress Payrexx Payment Gateway for WooCommerce Plugin <= 3.1.5 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-66117HIGHWordPress Easy Form plugin <= 2.7.8 - Broken Access Control vulnerabilityEPSS 0.2%