Falhas do tipo CWE-862
6.959 resultadosCVE-2024-56006MEDIUMWordPress Jetpack Debug Tools plugin < 2.0.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-12210MEDIUMPrint Invoice & Delivery Notes for WooCommerce <= 5.4.0 - Missing Authorization to Authenticated (Subscriber+) Logo DeletionEPSS 0.3%CVE-2026-48119HIGHNezha Monitoring: Authenticated agents can forge service-monitor results for other users' servicesEPSS 0.3%CVE-2025-10040HIGHWP Import – Ultimate CSV XML Importer for WordPress <= 7.27 - Missing Authorization to Authenticated (Subscriber+) FTP/SFTP Credential ExposureEPSS 0.3%CVE-2024-42380MEDIUMMultiple vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP PlatformEPSS 0.3%CVE-2024-7380MEDIUMGeo Controller <= 8.7.3 - Missing Authorization to Authenticated (Subscriber+) Menu Creation/DeletionEPSS 0.3%CVE-2025-2506MEDIUMWhen pglogical attempts to replicate data, it does not verify it is using a replication connection, which means a user with CONNECT access tEPSS 0.3%CVE-2025-58969MEDIUMWordPress Custom Login URL Plugin <= 1.0.2 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-11564MEDIUMTutor LMS – eLearning and online course solution <= 3.8.3 - Missing Authorization to Unauthenticated Payment Status UpdateEPSS 0.3%CVE-2026-44569HIGHOpen WebUI: Insecure Message Access Breaks AuthorizationEPSS 0.3%CVE-2025-62874MEDIUMWordPress AnyComment plugin <= 0.3.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-35175HIGHAjenti has an authorization bypass during custom package installationEPSS 0.3%CVE-2025-4520MEDIUMUncanny Automator <= 6.4.0.2 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings UpdateEPSS 0.3%CVE-2026-42436MEDIUMOpenClaw < 2026.4.14 - Internal Page Content Exposure via Browser Snapshot and Screenshot RoutesEPSS 0.3%CVE-2025-54004LOWWordPress WCFM – Frontend Manager for WooCommerce plugin <= 6.7.24 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-1104HIGHFastDup – Fastest WordPress Migration & Duplicator <= 2.7.1 - Missing Authorization to Authenticated (Contributor+) Backup Creation and DownloadEPSS 0.3%CVE-2026-5753MEDIUMAll-in-One WP Migration Unlimited Extension <= 2.83 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Backup Schedule Creation and Backup File DownloadEPSS 0.3%CVE-2026-0727MEDIUMAccordion and Accordion Slider <= 1.4.5 - Missing Authorization to Authenticated (Contributor+) Attachment Metadata ModificationEPSS 0.3%CVE-2025-49989MEDIUMWordPress App Builder plugin <= 5.5.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-3687MEDIUMmisstt123 oasys Sticky Notes cross-site request forgeryEPSS 0.3%