Falhas do tipo CWE-862

6.959 resultados
CVE-2025-3915MEDIUMAeropage Sync for Airtable <= 3.2.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post DeletionEPSS 0.3%CVE-2025-60127MEDIUMWordPress CopySafe Web Protection plugin <= 5.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-8996MEDIUMBackup and Staging by WP Time Capsule <= 1.22.26 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure via download_recent_decrypted_file_wptc FunctionEPSS 0.3%CVE-2025-8223MEDIUMjerryshensjf JPACookieShop 蛋糕商城JPA版 AdminTypeCustController.java cross-site request forgeryEPSS 0.3%CVE-2025-41340HIGHMissing Authorization vulnerability in CanalDenuncia.appEPSS 0.3%CVE-2025-41338HIGHMissing Authorization vulnerability in CanalDenuncia.appEPSS 0.3%CVE-2025-41342HIGHMissing Authorization vulnerability in CanalDenuncia.appEPSS 0.3%CVE-2025-41344HIGHMissing Authorization vulnerability in CanalDenuncia.appEPSS 0.3%CVE-2026-39569MEDIUMWordPress 12 Step Meeting List plugin <= 3.19.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-45399HIGHOpen WebUI: Low-privilege authenticated users can enumerate and stop global background tasks, causing system-wide chat disruptionEPSS 0.3%CVE-2024-50052MEDIUMArbitrary post deletion via Playbooks /ignore-thread endpointEPSS 0.3%CVE-2025-58613MEDIUMWordPress Posts Table with Search & Sort Plugin <= 1.4.10 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-8492MEDIUMSalon Booking System <= 10.22 - Missing Authorization to Unauthenticated AJAX Actions ExecutionEPSS 0.3%CVE-2026-6393MEDIUMBetterDocs <= 4.3.11 - Missing Authorization to Authenticated (Subscriber+) Unauthorized AI API UsageEPSS 0.3%CVE-2026-34184HIGHMissing Authorization in Hydrosystem Control SystemEPSS 0.3%CVE-2025-48327MEDIUMWordPress WP Mailgun SMTP plugin <= 1.0.7 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-54269MEDIUMWordPress Notibar plugin <= 2.1.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-60120MEDIUMWordPress WP Directory Kit plugin <= 1.4.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-53340MEDIUMWordPress Awesome Support plugin <= 6.3.6 - Sensitive Data Exposure vulnerabilityEPSS 0.3%CVE-2025-41111HIGHMissing Authorization vulnerability in CanalDenuncia.appEPSS 0.3%