Falhas do tipo CWE-862

7.000 resultados
CVE-2025-49980MEDIUMWordPress WP User Profile Avatar plugin <= 1.0.6 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-68049MEDIUMWordPress bunny.net plugin <= 2.3.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-13687MEDIUMTeam Builder – Meet the Team <= 1.3 - Missing Authorization to Authenticated (Subscriber+) Settings UpdateEPSS 0.2%CVE-2025-6865MEDIUMDaiCuo index cross-site request forgeryEPSS 0.2%CVE-2025-62247LOWMissing Authorization in Collection Provider component in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025EPSS 0.2%CVE-2026-27328MEDIUMWordPress EduBlink theme <= 2.0.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-45393MEDIUMComputer Vision Annotation Tool (CVAT) is missing authorization for endpoints related to webhook deliveriesEPSS 0.2%CVE-2025-28994MEDIUMWordPress Viral Loops WP Integration plugin <= 3.8.1 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-25443HIGHWordPress Fraud Prevention For Woocommerce plugin <= 2.3.3 - Arbitrary Content Deletion vulnerabilityEPSS 0.2%CVE-2025-49248MEDIUMWordPress Team Showcase plugin < 25.05.13 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-46470MEDIUMWordPress Smart Hashtags [#hashtagger] plugin <= 7.2.3 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-54010HIGHOpen WebUI: Forged chat-file link allows cross-user file read and deletionEPSS 0.2%CVE-2025-39511MEDIUMWordPress Pinterest Automatic Pin plugin <= 4.19.0 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2024-13307MEDIUMReales WP - Real Estate WordPress Theme <= 2.1.2 - Missing Authorization to Unauthenticated Attachment Deletion and Favorite Property UpdatesEPSS 0.2%CVE-2025-30624MEDIUMWordPress WordLift plugin <= 3.54.4 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-49272MEDIUMWordPress Trinity Audio plugin <= 5.20.0 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-32295MEDIUMWordPress Salon Booking Wordpress plugin <= 10.10.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-33357HIGHMeari OpenAPI device status IDOREPSS 0.2%CVE-2025-2420MEDIUM猫宁i Morning cross-site request forgeryEPSS 0.2%CVE-2025-47471MEDIUMWordPress Envo Extra plugin <= 1.9.9 - Broken Access Control VulnerabilityEPSS 0.2%