Falhas do tipo CWE-862

7.051 resultados
CVE-2025-66120MEDIUMWordPress CatFolders plugin <= 2.5.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-8860MEDIUMTourfic <= 2.14.5 - Missing Authorization in Multiple FunctionsEPSS 0.2%CVE-2025-66117HIGHWordPress Easy Form plugin <= 2.7.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-58589MEDIUMFlowDrop - Moderately critical - Access bypass - SA-CONTRIB-2026-067EPSS 0.2%CVE-2025-24653MEDIUMWordPress Admin and Site Enhancements (ASE) Pro Plugin <= 7.6.1.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-58957MEDIUMWordPress VPSUForm Plugin <= 3.2.20 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-69364MEDIUMWordPress Breeze plugin <= 2.2.21 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-12847MEDIUMAll in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic <= 4.8.9 - Missing Authorization to Authenticated (Contributor+) Arbitrary Media DeletionEPSS 0.2%CVE-2025-13419MEDIUMGuest posting / Frontend Posting / Front Editor – WP Front User Submit <= 5.0.0 - Missing Authorization to Unauthenticated Media DeletionEPSS 0.2%CVE-2025-42968MEDIUMMissing Authorization check in SAP NetWeaver (RFC enabled function module)EPSS 0.2%CVE-2025-66088HIGHWordPress PropertyHive plugin <= 2.1.12 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-24744MEDIUMWordPress Bridge Core plugin <= 3.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-58590MEDIUMFlowDrop - Moderately critical - Access bypass - SA-CONTRIB-2026-068EPSS 0.2%CVE-2026-27688MEDIUMMissing Authorization check in SAP NetWeaver Application Server for ABAPEPSS 0.2%CVE-2025-57985MEDIUMWordPress Ultimate Watermark Plugin <= 1.1 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-66054HIGHWordPress LearnPress plugin <= 4.2.9.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-42984MEDIUMMissing Authorization check in SAP S/4HANA (Manage Central Purchase Contract application)EPSS 0.2%CVE-2025-69359MEDIUMWordPress Creator LMS plugin <= 1.1.12 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-2518MEDIUMFastX <= 1.0.2 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Installation and ActivationEPSS 0.2%CVE-2025-9979MEDIUMMaspik <= 2.5.6 - Authenticated (Subscriber+) Missing Authorization to Spam Log ExportEPSS 0.2%