Falhas do tipo CWE-862

7.009 resultados
CVE-2025-67576MEDIUMWordPress Simple Link Directory plugin <= 8.8.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62916MEDIUMWordPress Flights & Hotels Booking WP Plugin plugin <= 3.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-67562MEDIUMWordPress Image Caption Hover Pro plugin < 20.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-12093MEDIUMVoidek Employee Portal <= 1.0.7 - Missing AuthorizationEPSS 0.2%CVE-2025-47585MEDIUMWordPress Booking and Rental Manager plugin <= 2.3.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-14365MEDIUMEyewear prescription form <= 6.0.1 - Missing Authorization to Unauthenticated Arbitrary WooCommerce Category DeletionEPSS 0.2%CVE-2026-52812HIGHGogs: LFS dedupe path leaks private repo content across tenantsEPSS 0.2%CVE-2025-12362MEDIUMmyCred – Points Management System For Gamification, Ranks, Badges, and Loyalty Program <= 2.9.7 - Missing Authorization to Unauthenticated Withdrawal Request ApprovalEPSS 0.2%CVE-2025-53230HIGHWordPress Page Manager for Elementor Plugin <= 2.0.5 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-39362MEDIUMWordPress Mollie Payments for WooCommerce plugin <= 8.0.2 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.2%CVE-2025-49431MEDIUMWordPress MF Plus WPML plugin <= 1.1 - Settings Change VulnerabilityEPSS 0.2%CVE-2025-53997MEDIUMWordPress Houzez theme <= 4.0.4 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-25410MEDIUMWordPress WP-CORS plugin <= 0.2.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-1233MEDIUMLafka Plugin <= 7.1.0 - Missing Authorization to Authenticated (Subscriber+) Theme Option UpdateEPSS 0.2%CVE-2025-49339MEDIUMWordPress Direct Payments WP plugin <= 1.3.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-47587LOWMissing authorization check in SAP Cash Management (Cash Operations)EPSS 0.2%CVE-2026-22458MEDIUMWordPress Wanderland theme <= 1.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-3863MEDIUMPost Carousel Slider for Elementor <= 1.6.0 - Authenticated (Subscriber+) Missing Authorization via process_wbelps_promo_form FunctionEPSS 0.2%CVE-2026-48887MEDIUMWordPress JS Help Desk plugin <= 3.0.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-24567MEDIUMWordPress Anything Order by Terms plugin <= 1.4.0 - Broken Access Control vulnerabilityEPSS 0.2%