Falhas do tipo CWE-266
939 resultadosCVE-2025-52836CRITICALWordPress The E-Commerce ERP <= 2.1.1.3 - Privilege Escalation VulnerabilityEPSS 0.4%CVE-2025-4017MEDIUM20120630 Novel-Plus LogController.java list improper authorizationEPSS 0.4%CVE-2023-3114MEDIUMTerraform Enterprise Agent Pool Controls Allowed Unauthorized Workspaces To Target an Agent PoolEPSS 0.4%CVE-2025-67966HIGHWordPress Lawyer Directory plugin <= 1.3.3 - Privilege Escalation vulnerabilityEPSS 0.4%CVE-2025-69378HIGHWordPress Product Filter for WooCommerce plugin <= 9.1.2 - Privilege Escalation vulnerabilityEPSS 0.4%CVE-2025-22736HIGHWordPress User Management plugin <= 1.2 - Privilege Escalation vulnerabilityEPSS 0.4%CVE-2025-6532MEDIUMNOYAFA/Xiami LF9 Pro RTSP Live Video Stream Endpoint access controlEPSS 0.4%CVE-2025-4036MEDIUM201206030 Novel Chapter AuthorController.java updateBookChapter access controlEPSS 0.4%CVE-2024-51888CRITICALWordPress Homey Login Register Plugin <= 2.4.0 - Privilege Escalation vulnerabilityEPSS 0.4%CVE-2026-2983MEDIUMSourceCodester Student Result Management System Bulk Import import_users.php access controlEPSS 0.4%CVE-2025-60220CRITICALWordPress CouponXxL theme <= 3.0.0 - Privilege Escalation vulnerabilityEPSS 0.4%CVE-2025-13808MEDIUMorionsec orion-ops User Profile UserController.java update improper authorizationEPSS 0.4%CVE-2024-49219HIGHWordPress RS-Members plugin <= 1.0.3 - Privilege Escalation vulnerabilityEPSS 0.4%CVE-2024-49608HIGHWordPress GERRYWORKS Post by Mail plugin <= 1.0 - Privilege Escalation vulnerabilityEPSS 0.4%CVE-2025-23391CRITICALRancher: Restricted Administrator can change Administrator's passwordsEPSS 0.4%CVE-2026-24968CRITICALWordPress Xagio SEO plugin <= 7.1.0.30 - Privilege Escalation vulnerabilityEPSS 0.4%CVE-2026-22267HIGHDell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attaEPSS 0.4%CVE-2025-6735MEDIUMjuzaweb CMS Import Page imports improper authorizationEPSS 0.4%CVE-2025-6736MEDIUMjuzaweb CMS Add New Themes Page install improper authorizationEPSS 0.4%CVE-2024-50481HIGHWordPress Bstone Demo Importer plugin <= 1.0.1 - Privilege Escalation vulnerabilityEPSS 0.4%