Falhas do tipo CWE-862
6.842 resultadosCVE-2024-4660MEDIUMMissing Authorization in GitLabEPSS 0.5%CVE-2026-40976CRITICALIn certain circumstances, Spring Boot's default web security is ineffective allowing unauthorized access to all endpoints. For an applicatioEPSS 0.5%CVE-2023-27608MEDIUMWordPress Points and Rewards for WooCommerce plugin <= 1.5.0 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-43122MEDIUMWordPress Robin image optimizer plugin <= 1.6.9 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-49818MEDIUMWordPress Webflow Pages plugin <= 1.0.8 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2026-4031HIGHDatabase Backup for WordPress <= 2.5.2 - Missing Authorization to Unauthenticated Database Backup InterceptionEPSS 0.5%CVE-2024-1108MEDIUMPlugin Groups <= 2.0.6 - Missing Authorization to Unauthenticated Denial of ServiceEPSS 0.5%CVE-2024-42434MEDIUMZoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Missing AuthorizationEPSS 0.5%CVE-2024-4428MEDIUMSensetive Data Exposure in Menulux Managment PortalEPSS 0.5%CVE-2025-26377HIGHA CWE-862 "Missing Authorization" in maxprofile/users/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticaEPSS 0.5%CVE-2024-37470HIGHWordPress Woffice Core plugin <= 5.4.8 - Unauthenticated Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-10330MEDIUMImproper Access Control in lunary-ai/lunaryEPSS 0.5%CVE-2025-26368HIGHA CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authEPSS 0.5%CVE-2024-12006MEDIUMW3 Total Cache <= 2.8.1 Missing Authorization to Unauthenticated Plugin Deactivation and Extensions Activation/DeactivationEPSS 0.5%CVE-2023-36510HIGHWordPress ReDi Restaurant Reservation plugin <= 23.0211 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-39823MEDIUMZoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Missing AuthorizationEPSS 0.5%CVE-2023-24528MEDIUMSAP Fiori apps for Travel Management in SAP ERP (My Travel Requests) - version 600, allows an authenticated attacker to exploit a certain mEPSS 0.5%CVE-2023-1027MEDIUMWP Meta SEO <= 4.5.3 - Missing Authorization in 'checkAllCategoryInSitemap'EPSS 0.5%CVE-2023-30479MEDIUMWordPress Stamped.io Product Reviews & UGC for WooCommerce plugin <= 2.3.2 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2022-2450MEDIUMreSmush.it Image Optimizer < 0.4.4 - Subscriber+ AJAX CallsEPSS 0.5%