Falhas do tipo CWE-862

6.850 resultados
CVE-2026-48592MEDIUMMissing authorization check on save-job event handler in oban_webEPSS 0.4%CVE-2026-27836HIGHphpMyFAQ Allows Unauthenticated Account Creation via WebAuthn Prepare EndpointEPSS 0.4%CVE-2023-47832MEDIUMWordPress SearchIQ plugin <= 4.4 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-38792MEDIUMWordPress ConveyThis Translate plugin <= 234 - Non-arbitrary Options Update vulnerabilityEPSS 0.4%CVE-2023-49835MEDIUMWordPress Post Duplicator plugin <= 2.31 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-30911HIGHApache Airflow: Execution API HITL Endpoints Missing Per-Task AuthorizationEPSS 0.4%CVE-2024-31098HIGHWordPress New Order Notification for Woocommerce plugin <= 2.0.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-7051MEDIUMBlog2Social: Social Media Auto Post & Scheduler <= 8.9.0 - Missing Authorization to Authenticated (Subscriber+) Delete Arbitrary B2S Post Records via 'postId' ParameterEPSS 0.4%CVE-2024-49325MEDIUMWordPress Photo Gallery Builder plugin <= 3.0 - Broken Access Control to Notice Dismissal vulnerabilityEPSS 0.4%CVE-2024-30467MEDIUMWordPress Essential Blocks plugin <= 4.4.9 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-30534MEDIUMWordPress Calendarista Basic Edition plugin <= 3.0.5 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-40265MEDIUMNote Mark has Broken Access Control on Asset DownloadEPSS 0.4%CVE-2023-2557MEDIUMWPCS – WordPress Currency Switcher Professional <= 1.1.9 - Missing Authorization to Arbitrary Custom Drop-Down Currency Switcher EditingEPSS 0.4%CVE-2024-43159MEDIUMWordPress Masteriyo LMS plugin <= 1.11.6 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-31244CRITICALWordPress Bricksforge plugin <= 2.0.17 - Unauthenticated Arbitrary WordPress Settings Change vulnerabilityEPSS 0.4%CVE-2023-47847MEDIUMWordPress PayTR Taksit Tablosu plugin <= 1.3.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-37475MEDIUMWordPress Newspack Newsletters plugin <= 2.13.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-38690MEDIUMWordPress iPanorama 360 plugin <= 1.8.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-13813MEDIUMmoxi159753 Mogu Blog v2 Storage Management Endpoint storage authorizationEPSS 0.4%CVE-2024-1385HIGHWP-Stateless – Google Cloud Storage <= 3.4.0 - Missing Authorization to Limited Arbitrary Options UpdateEPSS 0.4%