Falhas do tipo CWE-862
6.961 resultadosCVE-2026-2992HIGHKiviCare <= 4.1.2 - Missing Authorization to Unauthenticated Privilege Escalation via Setup WizardEPSS 0.2%CVE-2026-2306MEDIUMNinja Tables <= 5.2.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Table CreationEPSS 0.2%CVE-2026-59796HIGHIn JetBrains TeamCity before 2026.1.2 pipeline modification was possible due to improper permission checksEPSS 0.2%CVE-2026-3582MEDIUMIncorrect Authorization in GitHub Enterprise Server allows access to issue and commit search results without repo scopeEPSS 0.2%CVE-2025-32212MEDIUMWordPress Specia Companion plugin <= 6.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-58660MEDIUMWordPress Oshine Core Plugin <= 1.5.5 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-60103MEDIUMWordPress ListingPro plugin <= 2.9.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-24585MEDIUMWordPress Hyyan WooCommerce Polylang Integration plugin <= 1.5.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-57429MEDIUMWordPress Slim SEO plugin <= 4.6.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66532MEDIUMWordPress Powerlift theme < 3.2.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-67976MEDIUMWordPress Watu Quiz plugin <= 3.4.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-7249MEDIUMLocation Weather <= 3.0.2 - Missing Authorization to Authenticated (Contributor+) Block Settings Modification and Cache PurgingEPSS 0.2%CVE-2025-58672MEDIUMWordPress WP User Frontend Plugin <= 4.1.12 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-68534MEDIUMWordPress PDF for WPForms plugin <= 6.3.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-14361HIGHWordPress Woocommerce Envato Affiliates plugin <= 1.2.1 - Settings Change vulnerabilityEPSS 0.2%CVE-2024-10860MEDIUMNextMove Lite – Thank You Page for WooCommerce <= 2.19.0 - Missing Authorization to Authenticated (Subscriber+) Deactivation Reason SubmissionEPSS 0.2%CVE-2025-68837MEDIUMWordPress ELEX WordPress HelpDesk & Customer Ticketing System plugin <= 3.3.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-7756MEDIUMcode-projects E-Commerce Site cross-site request forgeryEPSS 0.2%CVE-2025-0067MEDIUMMissing Authorization check in SAP NetWeaver Application Server JavaEPSS 0.2%CVE-2025-12783MEDIUMPremmerce Brands for WooCommerce <= 1.2.13 - Missing Authorization To Authenticated (Subscriber+) Brand Permalink Settings UpdateEPSS 0.2%