Falhas do tipo CWE-862

7.074 resultados
CVE-2025-62953MEDIUMWordPress Welcart e-Commerce plugin <= 2.11.24 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62952MEDIUMWordPress ChatBot plugin <= 7.7.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-58408MEDIUMChurchCRM : Broken Access Control in `CSVCreateFile.php` Allows Low-Privileged Users to Export All Members' PIIEPSS 0.2%CVE-2025-13866MEDIUMFlow-Flow Social Feed Stream 3.0.0 - 4.7.5 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting via flow_flow_social_auth AJAX actionEPSS 0.2%CVE-2025-62999MEDIUMWordPress Litho Addons plugin <= 3.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-1358MEDIUMPix Software Vivaz cross-site request forgeryEPSS 0.2%CVE-2026-24638MEDIUMWordPress RepairBuddy plugin <= 4.1121 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39477MEDIUMWordPress CartFlows plugin <= 2.2.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-53318MEDIUMWordPress WP DB Booster plugin <= 1.0.1 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-57286MEDIUMA missing permission check in Jenkins Git Parameter Plugin 462.vdcf3df2ed2ca_ and earlier allows attackers with Item/Read permission to obtaEPSS 0.2%CVE-2025-54717MEDIUMWordPress WP Membership Plugin <= 1.6.3 - Settings Change VulnerabilityEPSS 0.2%CVE-2026-40133MEDIUMMissing Authorization check in SAP S/4HANA Condition MaintenanceEPSS 0.2%CVE-2026-59704HIGHCap - Missing Access Control in Video AI Metadata EndpointEPSS 0.2%CVE-2025-54037MEDIUMWordPress News Kit Elementor Addons plugin <= 1.3.4 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-42917MEDIUMMissing Authorization check in SAP HCM (Approve Timesheets Fiori 2.0 application)EPSS 0.2%CVE-2026-57285MEDIUMA missing permission check in Jenkins GitHub Branch Source Plugin 1967.1969.v205fd594c821 and earlier allows attackers with Overall/Read perEPSS 0.2%CVE-2025-64638MEDIUMWordPress OnPay.io for WooCommerce plugin <= 1.0.47 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66063MEDIUMWordPress WP Google Review Slider plugin <= 17.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-35598MEDIUMVikunja has Missing Authorization on CalDAV Task ReadEPSS 0.2%CVE-2025-15289LOWTanium addressed an improper access controls vulnerability in Interact.EPSS 0.2%