Falhas do tipo CWE-862

6.960 resultados
CVE-2026-7620MEDIUMNotification for Telegram <= 3.5.1 - Missing Authorization to Authenticated (Subscriber+) Cron Modification via nftb_cron_action_set AJAX ActionEPSS 0.3%CVE-2026-24605MEDIUMWordPress X Addons for Elementor plugin <= 1.0.23 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-7621MEDIUMSMTP2GO for WordPress <= 1.16.0 - Missing Authorization to Authenticated (Subscriber+) Log Read/TruncateEPSS 0.3%CVE-2025-49319MEDIUMWordPress Wishlist for WooCommerce <= 3.2.3 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-48271MEDIUMWordPress Leadinfo plugin <= 1.1 - Settings Change VulnerabilityEPSS 0.3%CVE-2026-0817MEDIUMCampaignEvents API missing authorization exposes meeting and chat URLsEPSS 0.3%CVE-2024-44115MEDIUMMultiple vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP PlatformEPSS 0.3%CVE-2025-52802HIGHWordPress Import YouTube videos as WP Posts plugin <= 2.1 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2024-44112MEDIUMMissing Authorization check in SAP for Oil & Gas (Transportation and Distribution)EPSS 0.3%CVE-2025-23190MEDIUMMissing Authorization check in SAP NetWeaver and ABAP platform (ST-PI)EPSS 0.3%CVE-2023-40327MEDIUMWordPress Putler Connector for WooCommerce plugin <= 2.12.0 - Unauthenticated Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-33514MEDIUMDiscourse: Information Disclosure in Form Template API Due to Missing AuthorizationEPSS 0.3%CVE-2026-31919MEDIUMWordPress Advanced Coupons for WooCommerce Coupons plugin <= 4.7.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-12133MEDIUMJoomSport <= 5.7.8 - Authenticated (Subscriber+) Missing Authorization to Arbitrary Group Deletion via season_groupdel AJAX actionEPSS 0.3%CVE-2025-24743MEDIUMWordPress RomethemeKit For Elementor plugin <= 1.5.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-37214MEDIUMWordPress AliExpress Dropshipping with AliNext Lite plugin <= 3.3.5 - Broken Access Control to XSS vulnerabilityEPSS 0.3%CVE-2026-7559MEDIUMAffilia <= 3.3.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Status ModificationEPSS 0.3%CVE-2025-50028MEDIUMWordPress Ultimate Push Notifications plugin <= 1.2.0 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2024-44116MEDIUMMultiple vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP PlatformEPSS 0.3%CVE-2025-48275MEDIUMWordPress Visual Header plugin <= 1.3 - Broken Access Control VulnerabilityEPSS 0.3%