Falhas do tipo CWE-862

7.059 resultados
CVE-2025-12389MEDIUMImport Export For WooCommerce <= 1.6.2 - Missing Authorization to Authenticated (Subscriber+) Settings UpdateEPSS 0.2%CVE-2023-32959MEDIUMWordPress MetroStore theme <= 1.3.2 - Broken Access ControlEPSS 0.2%CVE-2026-57750MEDIUMWordPress ez Form Calculator Premium plugin <= 2.14.1.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-64265MEDIUMWordPress Frontend File Manager plugin <= 23.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-42522MEDIUMA missing permission check in Jenkins GitHub Branch Source Plugin 1967.vdea_d580c1a_b_a_ and earlier allows attackers with Overall/Read permEPSS 0.2%CVE-2025-11257MEDIUMLLM Hubspot Blog Import <= 1.0.1 - Missing Authorization to Authenticated (Subscriber+) Hubspot ImportEPSS 0.2%CVE-2026-32445LOWWordPress Elementor Website Builder plugin <= 3.35.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-29001MEDIUMWordPress WooCommerce Shop Page Builder plugin <= 2.27.7 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-29007MEDIUMWordPress LMSACE Connect plugin <= 3.4 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-67583MEDIUMWordPress IDonate plugin <= 2.1.15 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-67580MEDIUMWordPress Constant Contact + WooCommerce plugin <= 2.4.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-67581MEDIUMWordPress TrueBooker plugin <= 1.1.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-53323MEDIUMWordPress Pre-Publish Post Checklist plugin <= 3.1 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2024-39546HIGHJunos OS Evolved: Local low-privilege user can gain root permissions leading to privilege escalationEPSS 0.2%CVE-2025-67582MEDIUMWordPress Wbcom Designs plugin <= 2.1.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-13722MEDIUMFluent Forms <= 6.1.7 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Form Creation via AI BuilderEPSS 0.2%CVE-2025-67599MEDIUMWordPress WebToffee eCommerce Marketing Automation plugin <= 2.1.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-3176LOWMissing Authorization in GitLabEPSS 0.2%CVE-2025-64379MEDIUMWordPress Booster for WooCommerce plugin <= 7.4.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-31821MEDIUMSylius is Missing Authorization in API v2 Add Item EndpointEPSS 0.2%