Falhas do tipo CWE-862

7.035 resultados
CVE-2025-48139MEDIUMWordPress StyleAI plugin <= 1.0.4 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-48339MEDIUMWordPress Profiler - What Slowing Down Your WP <= 1.0.0 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-54734MEDIUMWordPress B Slider Plugin <= 1.1.30 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-58979MEDIUMWordPress BerqWP Plugin <= 2.2.53 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-58201MEDIUMWordPress AfterShip Tracking Plugin <= 1.17.17 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-13934MEDIUMTutor LMS – eLearning and online course solution <= 3.9.3 - Missing Authorization to Authenticated (Subscriber+) Course Enrollment BypassEPSS 0.2%CVE-2025-53337MEDIUMWordPress LifePress plugin <= 2.1.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-42669HIGHWordPress EventPrime plugin <= 4.3.2.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-0674MEDIUMWordPress Campaign Monitor for WordPress plugin <= 2.9.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-13935MEDIUMTutor LMS – eLearning and online course solution <= 3.9.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Course CompletionEPSS 0.2%CVE-2025-58639MEDIUMWordPress Contact Form By Mega Forms Plugin <= 1.6.1 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-14618MEDIUMSweet Energy Efficiency <= 1.0.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Graph DeletionEPSS 0.2%CVE-2025-53374LOWDokploy Improperly Discloses User Information via user.one EndpointEPSS 0.2%CVE-2026-3829MEDIUMWP Encryption - One Click SSL & Force HTTPS <= 7.8.5.10 - Missing Authorization to Authenticated (Subscriber+) SSL Setup TamperingEPSS 0.2%CVE-2026-8236MEDIUMConcrete CMS 9.5.0 and below is vulnerable to IDOR combined with a missing authentication gate for endpoint /ccm/system/dialogs/file/usage/{fID}EPSS 0.2%CVE-2026-24388MEDIUMWordPress WPMasterToolKit plugin <= 2.14.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-42986MEDIUMMissing Authorization check in SAP NetWeaver and ABAP PlatformEPSS 0.2%CVE-2025-13628MEDIUMTutor LMS – eLearning and online course solution <= 3.9.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Coupon ModificationEPSS 0.2%CVE-2026-24386MEDIUMWordPress Element Invader – Template Kits for Elementor plugin <= 1.2.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-42776MEDIUMWordPress Sunshine Photo Cart plugin <= 3.6.7 - Broken Access Control vulnerabilityEPSS 0.2%