Falhas do tipo CWE-862

7.052 resultados
CVE-2025-69359MEDIUMWordPress Creator LMS plugin <= 1.1.12 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-58957MEDIUMWordPress VPSUForm Plugin <= 3.2.20 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-59559MEDIUMWordPress Payrexx Payment Gateway for WooCommerce Plugin <= 3.1.5 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-58589MEDIUMFlowDrop - Moderately critical - Access bypass - SA-CONTRIB-2026-067EPSS 0.2%CVE-2025-57985MEDIUMWordPress Ultimate Watermark Plugin <= 1.1 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-24653MEDIUMWordPress Admin and Site Enhancements (ASE) Pro Plugin <= 7.6.1.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-42968MEDIUMMissing Authorization check in SAP NetWeaver (RFC enabled function module)EPSS 0.2%CVE-2025-57995MEDIUMWordPress DethemeKit For Elementor Plugin <= 2.1.10 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-1787MEDIUMLearnPress Export Import <= 4.1.0 - Missing Authentication to Unauthenticated Migrated Course DeletionEPSS 0.2%CVE-2025-66120MEDIUMWordPress CatFolders plugin <= 2.5.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-65028MEDIUMRallly Has an IDOR Vulnerability in Vote Update Endpoint Allows Unauthorized Manipulation of Participant VotesEPSS 0.2%CVE-2025-13119MEDIUMFabian Ros/SourceCodester Simple E-Banking System cross-site request forgeryEPSS 0.2%CVE-2025-9637MEDIUMQuiz and Survey Master (QSM) <= 10.3.1 - Missing Authorization to Unpublished, Private And Password-Protected Quiz Information Disclosure And Image Response UploadsEPSS 0.2%CVE-2026-0676MEDIUMWordPress Zorka theme <= 1.5.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-24584MEDIUMWordPress Ultimate Store Kit Elementor Addons plugin <= 2.3.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-24754MEDIUMWordPress Houzez theme <= 3.4.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-3831MEDIUMDatabase for Contact Form 7, WPforms, Elementor forms <= 1.4.9 - Missing Authorization to Authenticated (Contributor+) Sensitive Information Exposure via ShortcodeEPSS 0.2%CVE-2025-14367MEDIUMEasy Theme Options <= 1.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings ImportEPSS 0.2%CVE-2025-22722MEDIUMWordPress Widget Options plugin <= 4.0.8 - Broken Access Control to Notice Dimissal vulnerabilityEPSS 0.2%CVE-2026-57335MEDIUMWordPress Ads by WPQuads plugin <= 3.0.3 - Broken Access Control vulnerabilityEPSS 0.2%