Falhas do tipo CWE-862
7.075 resultadosCVE-2026-34722MEDIUMZammad is missing authorization in ticket create endpointEPSS 0.2%CVE-2025-67588MEDIUMWordPress Elementor Website Builder plugin <= 3.33.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-57297MEDIUMA missing permission check in Jenkins Contrast Continuous Application Security Plugin 3.11 and earlier allows attackers with Overall/Read peEPSS 0.2%CVE-2026-27769LOWConnected Workspaces: Malicious remote server can manipulate arbitrary user's statusEPSS 0.2%CVE-2026-57925MEDIUMIn JetBrains YouTrack before 2026.2.16593 improper access control allowed reading saved queries and tagsEPSS 0.2%CVE-2026-32527MEDIUMWordPress WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms plugin <= 1.1.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2023-41656MEDIUMWordPress Better Elementor Addons plugin <= 1.3.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-13859MEDIUMAffiliateX 1.0.0 - 1.3.9.3 - Authenticated (Subscriber+) Missing Authorization to Stored Cross-Site Scripting via save_customization_settingsEPSS 0.2%CVE-2026-39614MEDIUMWordPress JW Player for WordPress plugin <= 2.3.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25011MEDIUMWordPress WP Custom Admin Interface plugin <= 7.41 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39592MEDIUMWordPress DEPART plugin <= 1.0.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-42648MEDIUMWordPress Spectra plugin <= 2.19.22 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39348MEDIUMOrangeHRM is Missing Authorization Checks in AbstractFileController Subclasses Expose Job Specification and Vacancy AttachmentsEPSS 0.2%CVE-2025-69361MEDIUMWordPress Post Expirator plugin <= 4.9.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-27351MEDIUMWordPress Crew HRM plugin <= 1.2.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39504MEDIUMWordPress InstaWP Connect plugin <= 0.1.2.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32388MEDIUMWordPress GLB theme <= 1.2.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32394MEDIUMWordPress PublishPress Capabilities plugin <= 2.31.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39506MEDIUMWordPress AI Engine (Pro) plugin < 3.4.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39565MEDIUMWordPress WpTravelly plugin <= 2.1.7 - Broken Access Control vulnerabilityEPSS 0.2%