Falhas do tipo CWE-862

7.071 resultados
CVE-2026-32501HIGHWordPress WP Configurator Pro plugin <= 3.7.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68586MEDIUMWordPress Cooked plugin <= 1.11.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68572MEDIUMWordPress BBP Core plugin <= 1.4.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-2900LOWMissing Authorization in GitLabEPSS 0.2%CVE-2025-12175MEDIUMThe Events Calendar <= 6.15.9 - Missing Authorization to Authenticated (Subscriber+) Draft Event Title/QR Code ExposureEPSS 0.2%CVE-2025-65020MEDIUMRallly Has Unauthorized Poll Duplication via Insecure Direct Object Reference (IDOR)EPSS 0.2%CVE-2025-50010MEDIUMWordPress Zapier for WordPress plugin <= 1.5.2 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-39688MEDIUMWordPress WP Frontend Profile plugin <= 1.3.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-45001MEDIUMOpenClaw < 2026.4.20 - Gateway Config Mutation Guard Bypass via Agent Tool AccessEPSS 0.2%CVE-2026-32385MEDIUMWordPress RegistrationMagic plugin <= 6.0.7.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39664MEDIUMWordPress Leadrebel plugin <= 1.0.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-41012HIGHUnauthorized access vulnerability in TCMAN GIMEPSS 0.2%CVE-2026-24387MEDIUMWordPress WP Quick Post Duplicator plugin <= 2.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-64350LOWWordPress Rank Math SEO plugin <= 1.0.252.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-48337MEDIUMWordPress QuickCab plugin <= 1.3.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-6476MEDIUMSourceCodester Gym Management System cross-site request forgeryEPSS 0.2%CVE-2026-32390MEDIUMWordPress Nanosoft theme < 1.3.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-7834MEDIUMPHPGurukul Complaint Management System cross-site request forgeryEPSS 0.2%CVE-2026-0092CRITICALIn Package Manager, there is a possible device lock controller bypass due to a missing permission check. This could lead to local escalationEPSS 0.2%CVE-2025-62021MEDIUMWordPress Acknowledgify plugin <= 1.1.3 - Broken Access Control vulnerabilityEPSS 0.2%