Falhas do tipo CWE-862

7.009 resultados
CVE-2026-24532MEDIUMWordPress SiteLock Security plugin <= 5.0.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-69221MEDIUMLibreChat has Insufficient Access Control for Agent Permission QueriesEPSS 0.2%CVE-2025-69031MEDIUMWordPress Arcane theme <= 3.6.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32489MEDIUMWordPress B Blocks plugin < 2.0.30 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68564MEDIUMWordPress Sendy plugin <= 3.4.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-48887MEDIUMWordPress JS Help Desk plugin <= 3.0.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-47587LOWMissing authorization check in SAP Cash Management (Cash Operations)EPSS 0.2%CVE-2025-68050MEDIUMWordPress Leadpages plugin <= 1.1.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-24534MEDIUMWordPress Booter plugin <= 1.5.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-23189MEDIUMMissing Authorization Check in SAP NetWeaver and ABAP Platform (SDCCN)EPSS 0.2%CVE-2026-56213MEDIUMCapgo - Unauthenticated Cross-Tenant Metrics Poisoning via upsert_version_meta RPCEPSS 0.2%CVE-2026-24588MEDIUMWordPress Smart Product Viewer plugin <= 1.5.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62019MEDIUMWordPress Recipe Card Blocks for Gutenberg & Elementor plugin <= 3.4.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-59853MEDIUMSiYuan: Publish-mode Reader can exfiltrate private saved-search Criteria via /api/storage/getCriteria (missing publish-access filter)EPSS 0.2%CVE-2025-64251MEDIUMWordPress Ultimate Learning Pro plugin <= 3.9.3 - Arbitrary Content Deletion vulnerabilityEPSS 0.2%CVE-2025-11370MEDIUMDepicter <= 4.0.7 - Missing Authorization to Unauthenticated Display Rule UpdatesEPSS 0.2%CVE-2026-33934MEDIUMOpenEMR's Missing Authorization in show-signature.php Allows Portal Patients to Read Staff SignaturesEPSS 0.2%CVE-2026-25318MEDIUMWordPress WiserReview Product Reviews for WooCommerce plugin <= 2.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-24524MEDIUMWordPress Tablesome plugin <= 1.2.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-1233MEDIUMLafka Plugin <= 7.1.0 - Missing Authorization to Authenticated (Subscriber+) Theme Option UpdateEPSS 0.2%