Falhas do tipo CWE-862
7.025 resultadosCVE-2025-11835MEDIUMPaid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.16.4 - Missing Authorization to Unauthenticated Arbitrary Member Subscription Auto RenewalEPSS 0.2%CVE-2026-56402HIGHNanoClaw < 2.1.17 - Privilege Escalation via Unverified Approval Response HandlerEPSS 0.2%CVE-2026-49054MEDIUMWordPress The Post Grid plugin <= 7.9.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-25241MEDIUMMissing Authorization check in SAP Fiori Apps Reference Library (My Overtime Requests)EPSS 0.2%CVE-2025-67737LOWAzuraCast Vulnerable to Pre-Auth File Deletion & Admin RCEEPSS 0.2%CVE-2026-43568HIGHOpenClaw 2026.4.5 through 2026.4.9 - Privilege Escalation via Memory Dreaming Configuration in /dreaming EndpointEPSS 0.2%CVE-2026-54840HIGHWordPress Newsletters plugin <= 4.13 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-34050MEDIUMCoolify Settings/Updates Livewire component missing instance administrator authorizationEPSS 0.2%CVE-2026-45085MEDIUMDiscourse: Chat misauthorization and information disclosureEPSS 0.2%CVE-2026-53634MEDIUMSharp: Missing Authorization Check in Quick Creation Command EndpointsEPSS 0.2%CVE-2026-57649MEDIUMWordPress Shoppable Images Lite plugin <= 1.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-63039MEDIUMWordPress ListingPro theme <= 2.9.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-57419MEDIUMWordPress Stock Locations for WooCommerce plugin <= 3.1.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-14540MEDIUMUserback <= 1.0.15 - Missing Authorization to Authenticated (Subscriber+) Plugin's Configuration ExposureEPSS 0.2%CVE-2026-25806MEDIUMPlaciPy has Missing Authorization Checks on Student Management Endpoints (IDOR)EPSS 0.2%CVE-2024-23230MEDIUMThis issue was addressed with improved file handling. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5.EPSS 0.2%CVE-2026-33305MEDIUMOpenEMR has Authorization Bypass in FaxSMS AppDispatch ConstructorEPSS 0.2%CVE-2026-25372MEDIUMWordPress Academy LMS plugin <= 3.5.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-1153MEDIUMtechnical-laohu mpay cross-site request forgeryEPSS 0.2%CVE-2025-12481MEDIUMWP Duplicate Page <= 1.7 - Missing Authorization to Authenticated (Contributor+) Sensitive Information DisclosureEPSS 0.2%