Falhas do tipo CWE-862

7.018 resultados
CVE-2025-14854MEDIUMWP-CRM System – Manage Clients and Projects <= 3.4.5 - Missing Authorization to Authenticated (Subscriber+) CRM Data Exposure and Task ModificationEPSS 0.2%CVE-2025-62870MEDIUMWordPress Eupago Gateway For Woocommerce plugin <= 4.7.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-67577MEDIUMWordPress Easy Form Builder plugin <= 3.8.20 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-54739MEDIUMWordPress Nexter Blocks Plugin <= 4.5.4 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-62865MEDIUMWordPress Post Cloner plugin <= 1.0.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-64150MEDIUMA missing permission check in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers with Overall/Read permission to connect tEPSS 0.2%CVE-2025-42882MEDIUMMissing Authorization check in SAP NetWeaver Application Server for ABAPEPSS 0.2%CVE-2025-62153MEDIUMWordPress Quick Interest Slider plugin <= 3.1.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-57730MEDIUMWordPress Flatsome theme <= 3.20.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-53293MEDIUMWordPress Dashboard Widget Sidebar plugin <= 1.2.3 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-52866HIGHApollo Pharmacy Blood Glucose Monitoring System APG-01 BT Missing AuthorizationEPSS 0.2%CVE-2025-10938MEDIUMUiPress lite <= 3.5.08 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information ExposureEPSS 0.2%CVE-2025-66120MEDIUMWordPress CatFolders plugin <= 2.5.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-28433LOWMisskey lacks resource ownership validationEPSS 0.2%CVE-2025-49973MEDIUMWordPress Image Sizes Controller, Create Custom Image Sizes, Disable Image Sizes plugin <= 1.0.10 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-45007MEDIUMphpMyFAQ - Missing Permission Check on 12 Configuration API Endpoints Allows Information DisclosureEPSS 0.2%CVE-2024-13810MEDIUMZass - WooCommerce Theme for Handmade Artists and Artisans <= 3.9.9.10 - Missing Authorization to Authenticated (Subscriber+) Demo ImportEPSS 0.2%CVE-2026-24327MEDIUMMissing Authorization Check in SAP Strategic Enterprise Management (Balanced Scorecard in BSP Application)EPSS 0.2%CVE-2025-66154MEDIUMWordPress Couponer for Elementor plugin <= 1.1.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-49970MEDIUMWordPress Hello FSE Blog theme <= 1.0.6 - Broken Access Control VulnerabilityEPSS 0.2%