Falhas do tipo CWE-862
6.959 resultadosCVE-2025-68073MEDIUMWordPress GDPR CCPA Compliance Support plugin <= 2.7.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-64639MEDIUMWordPress WP Compress for MainWP plugin <= 6.50.17 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-24972MEDIUMWordPress Elated Listing plugin <= 1.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-4102MEDIUMPricing Table <= 2.0.1 - Missing AuthorizationEPSS 0.3%CVE-2025-64137MEDIUMA missing permission check in Jenkins Themis Plugin 1.4.1 and earlier allows attackers with Overall/Read permission to connect to an attackeEPSS 0.3%CVE-2025-67977HIGHWordPress HAPPY plugin <= 1.0.8 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-2104MEDIUMPage Builder: Pagelayer – Drag and Drop website builder <= 1.9.9 - Missing Authorization to Authenticated (Contributor+) Post PublicationEPSS 0.3%CVE-2026-28555MEDIUMwpForo Forum 2.4.14 Missing Authorization via Topic Close AJAX HandlerEPSS 0.3%CVE-2025-59416HIGHThe Scratch Channel forks can publish articlesEPSS 0.3%CVE-2025-66736HIGHyoulai-boot V2.21.1 is vulnerable to Incorrect Access Control. The importUsers function in SysUserController.java does not perform a permissEPSS 0.3%CVE-2025-62922MEDIUMWordPress Export Categories plugin <= 1.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-59217MEDIUMOpen WebUI: Upload `metadata.knowledge_id` bypasses the knowledge-base write-access check (read-only users can add files to KB)EPSS 0.3%CVE-2026-28554MEDIUMwpForo Forum 2.4.14 Missing Authorization via Post Approval AJAX HandlerEPSS 0.3%CVE-2025-52554MEDIUMn8n Improper Authorization in Workflow Execution Stop Endpoint Allows Terminating Other Users’ WorkflowsEPSS 0.3%CVE-2023-48761MEDIUMWordPress JetElements For Elementor plugin <= 2.6.13 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-9014MEDIUMWP Promoter <= 1.3 - Missing Authorization to Unauthenticated Statistics Reset via wpp-reset_stats AJAX ActionEPSS 0.3%CVE-2022-47339MEDIUMIn cmd services, there is a OS command injection issue due to missing permission check. This could lead to local escalation of privilege witEPSS 0.3%CVE-2025-14079MEDIUMELEX WordPress HelpDesk & Customer Ticketing System <= 3.3.5 - Missing Authorization to Authenticated (Subscriber+) Settings UpdateEPSS 0.3%CVE-2025-52775HIGHWordPress Project Cost Calculator Plugin <= 1.0.0 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2024-55072MEDIUMA Broken Object Level Authorization vulnerability in the component /api/users/{user-id} of hay-kot mealie v2.2.0 allows users to edit their EPSS 0.3%