Falhas do tipo CWE-862

7.018 resultados
CVE-2025-22287MEDIUMWordPress LTL Freight Quotes – FreightQuote Edition plugin <= 2.3.11 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-50244MEDIUMNaxclow IoT Platform Missing AuthorizationEPSS 0.2%CVE-2025-6341MEDIUMcode-projects School Fees Payment System cross-site request forgeryEPSS 0.2%CVE-2025-66072MEDIUMWordPress UsersWP plugin <= 1.2.47 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62090MEDIUMWordPress Gutenverse News – Advanced News Magazine Blog Gutenberg Blocks Addons plugin <= 3.0.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-62191HIGHOpenClaw 2026.6.6 < 2026.6.9 Authorization Bypass via Message MutationsEPSS 0.2%CVE-2025-66158MEDIUMWordPress Gmaper for Elementor plugin <= 1.0.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-47745MEDIUMShopper: Missing per-action authorization on PaymentMethods, Currencies and Carriers admin tablesEPSS 0.2%CVE-2025-66159MEDIUMWordPress Walker for Elementor plugin <= 1.1.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-12075MEDIUMOrder Splitter for WooCommerce <= 5.3.5 - Missing Authorization to Authenticated (Subscriber+) Order Information ExposureEPSS 0.2%CVE-2026-39505MEDIUMWordPress Seriously Simple Podcasting plugin <= 3.14.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-8335MEDIUMcode-projects Simple Car Rental System cross-site request forgeryEPSS 0.2%CVE-2025-14446MEDIUMPopup Builder <= 1.1.37 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings ResetEPSS 0.2%CVE-2025-46535MEDIUMWordPress Custom Login and Registration plugin <= 1.0.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66155MEDIUMWordPress Questionar for Elementor plugin <= 1.1.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39543MEDIUMWordPress Tourfic plugin <= 2.21.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-26920MEDIUMWordPress Customify theme <= 0.4.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66157MEDIUMWordPress Sliper for Elementor plugin <= 1.0.10 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-47742MEDIUMShopper: Missing authorization on Product admin Livewire sub-form componentsEPSS 0.2%CVE-2025-66156MEDIUMWordPress Watcher for Elementor plugin <= 1.0.9 - Broken Access Control vulnerabilityEPSS 0.2%