Falhas do tipo CWE-862
6.870 resultadosCVE-2024-3602MEDIUMPop ups, Exit intent popups, email popups, banners, bars, countdowns and cart savers – Promolayer <= 1.1.0 - Missing AuthorizationEPSS 0.3%CVE-2025-14461MEDIUMXendit Payment <= 6.0.2 - Missing Authorization to Unauthenticated Arbitrary Order Status Update to PaidEPSS 0.3%CVE-2025-24577MEDIUMWordPress Poll Maker plugin <= 5.5.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-30968HIGHCoral Server has insufficient validation of agent identity for SSE connectionsEPSS 0.3%CVE-2025-7665HIGHMiniorange OTP Verification with Firebase 3.1.0 - 3.6.2 - Unauthenticated Privilege EscalationEPSS 0.3%CVE-2025-39591MEDIUMWordPress WP Subscription Forms plugin <= 1.2.3 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-0679MEDIUMFortis for WooCommerce <= 1.2.0 - Missing Authorization to Unauthenticated Arbitrary Order Status Update to Paid via 'wc-api' EndpointEPSS 0.3%CVE-2026-2651CRITICALMissing Authorization Validation in mlflow/mlflowEPSS 0.3%CVE-2025-15390MEDIUMPHPGurukul Small CRM edit-user.php authorizationEPSS 0.3%CVE-2024-32779MEDIUMWordPress Vision – Image Map Builder plugin <= 1.7.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-51308MEDIUMIn Gatling Enterprise versions below 1.25.0, a low-privileged user that does not hold the role "admin" could perform a REST API call on readEPSS 0.3%CVE-2024-11852MEDIUMElement Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) <= 5.10.12 - Missing AuthorizationEPSS 0.3%CVE-2020-10684HIGHA flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansible_faEPSS 0.3%CVE-2026-1004MEDIUMEssential Addons for Elementor <= 6.5.5 - Missing Authorization to Unauthenticated Sensitive Information ExposureEPSS 0.3%CVE-2024-34802MEDIUMWordPress AdFoxly plugin <= 1.8.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-1994MEDIUMImage Watermark <= 1.7.3 - Missing Authorization to Authenticated (Subscriber+) Watermark ModificationEPSS 0.3%CVE-2025-68007MEDIUMWordPress Event Espresso 4 Decaf plugin <= 5.0.37.decaf - Settings Change vulnerabilityEPSS 0.3%CVE-2025-30896MEDIUMWordPress WP ERP plugin <= 1.13.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-2789MEDIUMMultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution <= 4.2.19 - Missing Authorization to Unauthenticated Table Rates DeletionEPSS 0.3%CVE-2025-42982HIGHInformation Disclosure in SAP GRC (AC Plugin)EPSS 0.3%