Falhas do tipo CWE-862

6.963 resultados
CVE-2026-1537MEDIUMLatePoint – Calendar Booking Plugin for Appointments and Events <= 5.2.6 - Missing Authorization to Booking Details ExposureEPSS 0.2%CVE-2025-57975MEDIUMWordPress Team Plugin <= 5.0.6 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-50084CRITICALAqara API cross-account accessEPSS 0.2%CVE-2026-5025MEDIUMLangflow - Application Logs Exposed to All Authenticated UsersEPSS 0.2%CVE-2025-43788MEDIUMThe organization selector in Liferay Portal 7.4.0 through 7.4.3.124, and Liferay DXP 2024.Q1.1 through 2024.Q1.12 and 7.4 update 81 through EPSS 0.2%CVE-2025-27294MEDIUMWordPress WP-Asambleas plugin <= 2.85.0 - Arbitrary Shortcode Execution vulnerabilityEPSS 0.2%CVE-2026-27468MEDIUMMastodon may allow unconfirmed FASP to make subscriptionsEPSS 0.2%CVE-2026-49741HIGHTYPO3 CMS - Privilege Escalation & SQL Injection in Form FrameworkEPSS 0.2%CVE-2026-39432HIGHWordPress Timetics plugin <= 1.0.53 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-12655MEDIUMHippoo Mobile App for WooCommerce <= 1.7.1 - Missing Authorization to Unauthenticated Limited File WriteEPSS 0.2%CVE-2025-13441MEDIUMHide Category by User Role for WooCommerce <= 2.3.1 - Missing Authorization to Unauthenticated Cache FlushingEPSS 0.2%CVE-2025-58968MEDIUMWordPress MaxiBlocks Plugin <= 2.1.3 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-40726HIGHWordPress User Registration Stripe plugin <= 1.3.14 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-31603MEDIUMWordPress CF7 Spreadsheets plugin <= 2.3.2 - Settings Change vulnerabilityEPSS 0.2%CVE-2025-8487MEDIUMKubio AI Page Builder <= 2.6.3 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin InstallationEPSS 0.2%CVE-2025-22779MEDIUMWordPress WP News Sliders plugin <= 1.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-22721MEDIUMWordPress ApplyOnline plugin <= 2.6.7.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32438MEDIUMWordPress VW School Education theme <= 1.4.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62925MEDIUMWordPress Conversios.io plugin <= 7.2.13 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-24108MEDIUMAn access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.3. An app may be able to access EPSS 0.2%