Falhas do tipo CWE-862

6.872 resultados
CVE-2024-1955MEDIUMHide Dashboard Notifications <= 1.3 - Missing Authorization to Authenticated(Contributor+) Plugin Settings ModificationEPSS 0.3%CVE-2024-27906MEDIUMApache Airflow: Dag Code and Import Error Permissions IgnoredEPSS 0.3%CVE-2023-46082MEDIUMWordPress Broken Link Checker | Finder plugin <= 2.4.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-25517MEDIUMWagtail has improper permission handling on admin preview endpointsEPSS 0.3%CVE-2023-45045MEDIUMWordPress WP Custom Widget area plugin <= 1.2.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-26968HIGHWordPress Cloak Front End Email <= 1.9.5 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2023-46635MEDIUMWordPress YITH WooCommerce Product Add-Ons plugin <= 4.2.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-1766MEDIUMEvent Manager, Events Calendar, Tickets, Registrations – Eventin <= 4.0.24 - Missing Authorization to Unauthenticated Payment Status UpdateEPSS 0.3%CVE-2025-8796MEDIUMLitmusChaos Litmus Delete Request delete_project authorizationEPSS 0.3%CVE-2023-46073MEDIUMWordPress DX Delete Attached Media plugin <= 2.0.5.1 - Broken Access Control vulnerability + CSRFEPSS 0.3%CVE-2024-1337MEDIUMSKT Page Builder <= 4.1 - Missing Authorization to Authenticated(Subscriber+) Content InjectionEPSS 0.3%CVE-2025-49996MEDIUMWordPress WP Visitor Statistics (Real Time Traffic) plugin <= 8.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-22657HIGHWordPress Atarim plugin <= 4.0.9 - Arbitrary Content Deletion vulnerabilityEPSS 0.3%CVE-2024-31281MEDIUMWordPress Church Admin plugin <= 4.1.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-45050HIGHRinger Server Does Not Check Members When Loading MessagesEPSS 0.3%CVE-2025-1643MEDIUMBenner ModernaNet SG_AlterarSenha cross-site request forgeryEPSS 0.3%CVE-2025-37087CRITICALA vulnerability in the cmdb service of the HPE Performance Cluster Manager (HPCM) could allow an attacker to gain access to an arbitrary filEPSS 0.3%CVE-2026-3480MEDIUMWP Blockade <= 0.9.14 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Shortcode Execution via 'shortcode' ParameterEPSS 0.3%CVE-2025-64349HIGHELOG user profile missing authorizationEPSS 0.3%CVE-2026-3266HIGHImproper access control vulnerability has been discovered in OpenText™ Filr.EPSS 0.3%