Falhas do tipo CWE-862

7.009 resultados
CVE-2025-48117MEDIUMWordPress WooCommerce POS plugin <= 1.7.8 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-62017MEDIUMWordPress Kallyas theme <= 4.22.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-11607HIGHTYPO3 CMS - Broken Access Control in Form FrameworkEPSS 0.2%CVE-2026-47349MEDIUMTYPO3 CMS - Broken Access Control in RecyclerEPSS 0.2%CVE-2026-48873HIGHWordPress Montonio for WooCommerce plugin <= 10.1.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-54830HIGHWordPress Five Star Restaurant Reservations plugin <= 2.7.19 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-54828HIGHWordPress Motors plugin <= 1.4.109 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-13335MEDIUMSastra Essential Addons for Elementor – Free Elementor Addons, Widgets and Templates <= 1.0.14 - Missing Authorization to Spexo Theme InstallEPSS 0.2%CVE-2025-67548MEDIUMWordPress WP Delicious plugin <= 1.9.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68850HIGHWordPress Sell Downloads plugin <= 1.1.12 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-55038HIGHAutomationDirect CLICK PLUS Missing AuthorizationEPSS 0.2%CVE-2026-49065HIGHWordPress Hippoo Mobile App for WooCommerce plugin <= 1.9.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-4047MEDIUMBroken Link Checker <= 2.4.4 - Missing Autorization to Authenticated (Subscriber+) Plugin Status Dashboard ViewEPSS 0.2%CVE-2025-4202MEDIUMMulticollab: Content Team Collaboration and Editorial Workflow <= 5.2 - Missing Authorization to Authenticated (Subscriber+) Collaboration CommentEPSS 0.2%CVE-2025-6106MEDIUMWuKongOpenSource WukongCRM AdminRoleController.java cross-site request forgeryEPSS 0.2%CVE-2024-55070LOWA Broken Object Level Authorization vulnerability in the component /households/permissions of hay-kot mealie v2.2.0 allows group managers toEPSS 0.2%CVE-2025-52818HIGHWordPress Trusty Whistleblowing plugin <= 2.0.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-44156HIGHA path deletion vulnerability was addressed by preventing vulnerable code from running with privileges. This issue is fixed in macOS SequoiaEPSS 0.2%CVE-2025-58210MEDIUMWordPress Makeaholic Theme <= 1.8.5 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-42174MEDIUMKirby: User avatar creation, replacement and deletion are not gated by user update permissionsEPSS 0.2%