Falhas do tipo CWE-862

7.001 resultados
CVE-2025-63077MEDIUMWordPress Happy Addons for Elementor plugin <= 3.20.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-12349MEDIUMPremium Addons for KingComposer <= 1.1.1 - Missing Authorization to Unauthenticated Arbitrary Custom Sidebar Creation and Deletion via 'add_custom_sidebar' and 'remove_custom_sidebar' AJAX actionsEPSS 0.2%CVE-2025-13354MEDIUMTag, Category, and Taxonomy Manager – AI Autotagger with OpenAI <= 3.40.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Taxonomy Term ManipulationEPSS 0.2%CVE-2025-12043MEDIUMAutochat Automatic Conversation <= 1.1.9 - Missing Authorization to Unauthenticated Settings UpdateEPSS 0.2%CVE-2026-61441HIGHPraisonAI Platform before 0.1.9 Authorization Bypass via DependenciesEPSS 0.2%CVE-2025-64132MEDIUMJenkins MCP Server Plugin 0.84.v50ca_24ef83f2 and earlier does not perform permission checks in multiple MCP tools, allowing attackers to trEPSS 0.2%CVE-2026-25436MEDIUMWordPress Royal Elementor Addons plugin < 1.7.1053 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-5768MEDIUMMIMO Woocommerce Order Tracking <= 1.0.2 - Missing Authorization to Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-61755LOWVulnerability in the Oracle GraalVM for JDK product of Oracle Java SE (component: Compiler). Supported versions that are affected are OraclEPSS 0.2%CVE-2025-13093MEDIUMDevs CRM – Manage tasks, attendance and teams all together <= 1.1.8 - Missing Authorization to Unauthenticated Lead Tag UpdateEPSS 0.2%CVE-2026-42320MEDIUMGLPI vulnerable to arbitrary file accessEPSS 0.2%CVE-2026-34899MEDIUMWordPress LTL Freight Quotes – Worldwide Express Edition plugin <= 5.2.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-69298HIGHWordPress Gauge theme <= 6.56.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-54832HIGHWordPress Gutenverse Companion plugin <= 2.5.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-60165MEDIUMWordPress Frames Theme <= 1.5.7 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-47352MEDIUMTYPO3 CMS - Broken Access Control in Backend APIEPSS 0.2%CVE-2026-47350MEDIUMTYPO3 CMS - Broken Access Control in DataHandlerEPSS 0.2%CVE-2025-0954MEDIUMWP Online Contract <= 5.1.4 - Missing Authorization to Unauthenticated Settings ImportEPSS 0.2%CVE-2025-48117MEDIUMWordPress WooCommerce POS plugin <= 1.7.8 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-45442MEDIUMWordPress Presto Player plugin <= 4.1.3 - Broken Access Control vulnerabilityEPSS 0.2%