Falhas do tipo CWE-862
6.923 resultadosCVE-2024-4138MEDIUMMissing Authorization Checks in SAP S/4 HANA (Manage Bank Statement Reprocessing Rules)EPSS 0.3%CVE-2025-7956MEDIUMAjax Search Lite <= 4.13.1 - Missing Authorization to Unauthenticated Basic Information Exposure via ASL_Query in AJAX Search HandlerEPSS 0.3%CVE-2024-53784MEDIUMWordPress Smart Marketing SMS and Newsletters Forms plugin <= 5.0.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-31469MEDIUMWordPress Clear Sucuri Cache plugin <= 1.4 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-28962MEDIUMWordPress Advanced Google Universal Analytics plugin <= 1.0.3 - Broken Access Control to Sensitive Data Exposure vulnerabilityEPSS 0.3%CVE-2025-9243HIGHCost Calculator Builder <= 3.5.32 - Authenticated (Subscriber+) Missing Authorization via get_cc_orders/update_order_status FunctionsEPSS 0.3%CVE-2026-46425CRITICALBudibase: SCIM endpoints lack role-based authorization, BASIC users CRUD tenant usersEPSS 0.3%CVE-2025-39493MEDIUMWordPress Rankie plugin < 1.8.2 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-62086MEDIUMWordPress Яндекс Доставка (Boxberry) plugin <= 2.34 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-1833MEDIUMWaMate Confirm <= 2.0.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Phone Number Blocking/UnblockingEPSS 0.3%CVE-2023-21450LOWMissing Authorization vulnerability in One Hand Operation + prior to version 6.1.21 allows multi-users to access owner's widget without EPSS 0.3%CVE-2025-53221MEDIUMWordPress CodeablePress plugin <= 1.0.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-1253MEDIUMGroup Chat & Video Chat by AtomChat <= 1.1.7 - Missing Authorization to Authenticated (Subscriber+) Plugin Options UpdateEPSS 0.3%CVE-2025-4282MEDIUMSourceCodester/oretnom23 Stock Management System Users.php cross-site request forgeryEPSS 0.3%CVE-2025-15510MEDIUMNEX-Forms – Ultimate Forms Plugin for WordPress <= 9.1.8 - Missing Authorization to Unauthenticated Sensitive Information ExposureEPSS 0.3%CVE-2026-3581MEDIUMBasic Google Maps Placemarks <= 1.10.7 - Missing Authorization to Unauthenticated Default Map Coordinate UpdateEPSS 0.3%CVE-2026-12122MEDIUMKirki <= 6.0.11 - Missing Authorization to Unauthenticated Sensitive Information Exposure via kirki_post_apis_nopriv AJAX ActionEPSS 0.3%CVE-2024-6750HIGHSocial Auto Poster <= 5.3.14 - Missing Authorization via Multiple FunctionsEPSS 0.3%CVE-2025-41410MEDIUMSlack import bypasses email verification for team access controlsEPSS 0.3%CVE-2025-36367HIGHIBM i is affected by a privilege escalation in IBM i SQL servicesEPSS 0.3%