Falhas do tipo CWE-862

7.062 resultados
CVE-2026-14934CRITICALCross-Tenant Repository Takeover via Improper Access Control in BigQuery, Dataform and Colab EnterpriseEPSS 0.2%CVE-2025-64234MEDIUMWordPress Evergreen Content Poster plugin <= 1.4.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-3953MEDIUMWP Statistics – The Most Popular Privacy-Friendly Analytics Plugin <= 14.13.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings UpdateEPSS 0.2%CVE-2026-10609MEDIUMOpenshift/cluster-logging-operator: cluster logging operator creates and forwards serviceaccount tokens without verifying clf creator authorizationEPSS 0.2%CVE-2026-32818MEDIUMAdmidio is Missing Authorization on Forum Topic and Post DeletionEPSS 0.2%CVE-2026-49374HIGHIn JetBrains TeamCity before 2026.1 improper permission checks exposed build configuration parametersEPSS 0.2%CVE-2025-54733MEDIUMWordPress All Bootstrap Blocks Plugin <= 1.3.28 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-5813MEDIUMAmazon Products to WooCommerce <= 1.2.7 - Missing Authorization to Unauthenticated Arbitrary Product CreationEPSS 0.2%CVE-2025-69381HIGHWordPress WooCommerce Bulk Product Editor plugin <= 3.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-5814MEDIUMProfiler – What Slowing Down Your WP <= 1.0.0 - Missing Authentication to Unauthenticated Arbitrary Plugin Reactivation via State RestorationEPSS 0.2%CVE-2025-64369MEDIUMWordPress Contact Form Email plugin <= 1.3.58 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-13558MEDIUMBlog2Social <= 8.7.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post TrashingEPSS 0.2%CVE-2026-24633MEDIUMWordPress Add Expires Headers & Optimized Minify plugin <= 3.2.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32586MEDIUMWordPress Booster for WooCommerce plugin < 7.11.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-15475MEDIUMPayHere Payment Gateway Plugin for WooCommerce <= 2.3.9 - Missing Authorization to Unauthenticated Order Status ModificationEPSS 0.2%CVE-2025-62013MEDIUMWordPress UiChemy plugin <= 4.0.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-23188MEDIUMMissing Authorization check in SAP S/4HANA (RBD)EPSS 0.2%CVE-2025-62122MEDIUMWordPress Trash Duplicate and 301 Redirect plugin <= 1.9.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62928MEDIUMWordPress SEO Meta Description Updater plugin <= 1.2.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-9219MEDIUMPost SMTP <= 3.4.1 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Option UpdateEPSS 0.2%