Falhas do tipo CWE-862

6.959 resultados
CVE-2026-4301MEDIUMRate Star Review Vote <= 1.6.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Modification via 'rating_id' ParameterEPSS 0.3%CVE-2026-25335MEDIUMWordPress Secure Copy Content Protection and Content Locking plugin <= 5.0.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-34892MEDIUMWordPress Rank Math SEO plugin <= 1.0.271 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-11851MEDIUMNitroPack <= 1.17.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Transient UpdateEPSS 0.3%CVE-2025-43805MEDIUMLiferay Portal 7.3.0 through 7.4.3.111, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, and 7.3 GA throughEPSS 0.3%CVE-2024-54470MEDIUMA logic issue was addressed with improved checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1. An attackerEPSS 0.3%CVE-2025-15347HIGHCreator LMS – The LMS for Creators, Coaches, and Trainers <= 1.1.12 - Missing Authorization to Authenticated (Contributor+) Arbitrary Options UpdateEPSS 0.3%CVE-2026-40795MEDIUMWordPress Amelia plugin <= 2.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-47807MEDIUMWordPress 10WebAnalytics plugin <= 1.2.12 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-39350HIGHWordPress wProject theme < 5.8.0 - Unauthenticated Post/Comment/Attachment Modification/Deletion vulnerabilityEPSS 0.3%CVE-2025-41339HIGHMissing Authorization vulnerability in CanalDenuncia.appEPSS 0.3%CVE-2025-41114HIGHMissing Authorization vulnerability in CanalDenuncia.appEPSS 0.3%CVE-2025-41338HIGHMissing Authorization vulnerability in CanalDenuncia.appEPSS 0.3%CVE-2025-24737MEDIUMWordPress WP Helper Premium plugin <= 4.6.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-58613MEDIUMWordPress Posts Table with Search & Sort Plugin <= 1.4.10 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-39569MEDIUMWordPress 12 Step Meeting List plugin <= 3.19.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-8492MEDIUMSalon Booking System <= 10.22 - Missing Authorization to Unauthenticated AJAX Actions ExecutionEPSS 0.3%CVE-2025-41345HIGHMissing Authorization vulnerability in CanalDenuncia.appEPSS 0.3%CVE-2024-54269MEDIUMWordPress Notibar plugin <= 2.1.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-41342HIGHMissing Authorization vulnerability in CanalDenuncia.appEPSS 0.3%