Falhas do tipo CWE-862
7.035 resultadosCVE-2026-6706MEDIUMImproper
access control in the vault documentation feature in Devolutions
Server allows an authenticated attacker to read documentation coEPSS 0.2%CVE-2025-42911MEDIUMMissing Authorization check in SAP NetWeaver (Service Data Download)EPSS 0.2%CVE-2026-24582MEDIUMWordPress FlexTable plugin <= 3.24.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-27327MEDIUMWordPress YayMail – WooCommerce Email Customizer plugin <= 4.3.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-27409MEDIUMWordPress Webba Booking plugin <= 6.4.13 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-24545MEDIUMWordPress QR Redirector plugin <= 2.0.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-58101HIGHSamsung Galaxy Buds and Galaxy Buds 2 audio devices are Bluetooth pairable by default without user input nor a way to stop this mode. As a cEPSS 0.2%CVE-2026-59709MEDIUMGhostfolio - Unauthorized Portfolio Holding Tag Modification via Missing Permission CheckEPSS 0.2%CVE-2026-24527MEDIUMWordPress Autoship Cloud for WooCommerce Subscription Products plugin <= 2.14.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62964MEDIUMWordPress MDTF plugin <= 1.3.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-36361MEDIUMIBM App Connect Enterprise runtime is vulnerable to a lack of authorization on windows environments using IWAEPSS 0.2%CVE-2026-2608MEDIUMGutenberg Blocks by Kadence Blocks <= 3.5.32 - Missing AuthorizationEPSS 0.2%CVE-2025-66068MEDIUMWordPress InstaWP Connect plugin <= 0.1.1.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-3226MEDIUMLearnPress <= 4.3.2.8 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Email Notification TriggeringEPSS 0.2%CVE-2025-8505MEDIUM495300897 wx-shop cross-site request forgeryEPSS 0.2%CVE-2025-12170MEDIUMCheckbox <= 2.8.10 - Missing Authorization to Unauthenticated Log ClearingEPSS 0.2%CVE-2026-58373MEDIUMCVAT < 2.69.0 - Missing Authorization on Quality Reports parent_id Filter Leaks Cross-Organization Report ExistenceEPSS 0.2%CVE-2026-6372HIGHWordPress Accept Cryptocurrencies with Plisio plugin <= 2.0.5 - Payment Bypass vulnerabilityEPSS 0.2%CVE-2025-14426MEDIUMStrong Testimonials <= 3.2.18 - Missing Authorization to Authenticated (Contributor+) Rating Meta UpdateEPSS 0.2%CVE-2025-1326MEDIUMHomey - Booking and Rentals WordPress Theme <= 2.4.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Reservation & Post DeletionEPSS 0.2%