Falhas do tipo CWE-862

7.033 resultados
CVE-2026-25408MEDIUMWordPress Broken Link Notifier plugin <= 1.3.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-31435MEDIUMWordPress Social Media Share Buttons & Social Sharing Icons plugin <= 2.8.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-48334MEDIUMWordPress Woo Slider Pro <= 1.12 - Arbitrary Content Deletion VulnerabilityEPSS 0.2%CVE-2026-39650MEDIUMWordPress UnitechPay plugin <= 1.0.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-4127MEDIUMSpeedup Optimization <= 1.5.9 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Update via 'speedup01_enabled' AJAX ActionEPSS 0.2%CVE-2026-4063MEDIUMSocial Icons Widget & Block <= 4.5.8 - Missing Authorization to Authenticated (Subscriber+) Sharing Configuration CreationEPSS 0.2%CVE-2026-50282MEDIUMCraft CMS: Unauthorized Deletion of Destination Folders During Forced MovesEPSS 0.2%CVE-2025-58198MEDIUMWordPress Xpro Theme Builder Plugin <= 1.2.9 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-1148MEDIUMSourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System cross-site request forgeryEPSS 0.2%CVE-2026-32736MEDIUMHytale Modding Wiki has Insecure Direct Object Reference / GDPR PII ExposureEPSS 0.2%CVE-2025-14065MEDIUMSimple Bike Rental <= 1.0.6 - Missing Authorization to Authenticated (Subscriber+) Sensitive Booking Data ExposureEPSS 0.2%CVE-2025-53571MEDIUMWordPress HAPPY plugin <= 1.0.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-11916HIGHThe Ultimate WordPress Toolkit – WP Extended <= 3.0.11 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site ScriptingEPSS 0.2%CVE-2026-4764CRITICALPrivilege Escalation in Dialogflow CX via Playbook ImportEPSS 0.2%CVE-2025-47709MEDIUMEnterprise MFA - TFA for Drupal - Critical - Access bypass - SA-CONTRIB-2025-055EPSS 0.2%CVE-2025-48108MEDIUMWordPress School Management Plugin <= 93.2.0 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-44751HIGHMissing Authorization check in Application Server ABAP of SAP NetWeaver and ABAP PlatformEPSS 0.2%CVE-2025-14074MEDIUMPDF for Contact Form 7 + Drag and Drop Template Builder <= 6.3.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post DuplicationEPSS 0.2%CVE-2025-55712MEDIUMWordPress The Plus Addons for Elementor Page Builder Lite Plugin <= 6.3.13 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-33425MEDIUMDiscourse has inferable private group membership or existence via exclude_groups parameterEPSS 0.2%