Falhas do tipo CWE-266
939 resultadosCVE-2024-50481HIGHWordPress Bstone Demo Importer plugin <= 1.0.1 - Privilege Escalation vulnerabilityEPSS 0.4%CVE-2025-50007HIGHWordPress xSmart theme <= 1.2.9.4 - Privilege Escalation vulnerabilityEPSS 0.4%CVE-2022-3458MEDIUMSourceCodester Human Resource Management System Image File employeeview.php unrestricted uploadEPSS 0.4%CVE-2022-3496MEDIUMSourceCodester Human Resource Management System Admin Panel employeeadd.php access controlEPSS 0.4%CVE-2026-11555MEDIUMD-Link DGS-1100-08PD Web boa.conf least privilege violationEPSS 0.4%CVE-2025-3587MEDIUMZeroWdd/code-projects studentmanager getTeacherList improper authorizationEPSS 0.4%CVE-2023-26280MEDIUMIBM Jazz Foundation improper access controlEPSS 0.4%CVE-2025-13806MEDIUMnutzam NutzBoot Transaction API EthModule.java improper authorizationEPSS 0.4%CVE-2025-0849MEDIUMCampCodes School Management Software Staff edit-staff improper authorizationEPSS 0.4%CVE-2026-43510MEDIUMCISA manage.get.gov insecure portfolio administrative privilegesEPSS 0.4%CVE-2025-10318MEDIUMJeecgBoot WebSocket Message sendWebSocketMsg improper authorizationEPSS 0.4%CVE-2020-16120MEDIUMUnprivileged overlay + shiftfs read accessEPSS 0.4%CVE-2025-8840MEDIUMjshERP Endpoint deleteBatch improper authorizationEPSS 0.4%CVE-2025-6325CRITICALWordPress King Addons for Elementor plugin <= 51.1.36 - Privilege Escalation vulnerabilityEPSS 0.4%CVE-2026-1112MEDIUMSanluan PublicCMS Trade Address Deletion Endpoint TradeAddressController.java delete improper authorizationEPSS 0.4%CVE-2025-53425HIGHWordPress Dokan plugin <= 4.1.3 - Privilege Escalation vulnerabilityEPSS 0.4%CVE-2026-1106MEDIUMChamilo LMS Legal Consent SocialController.php deleteLegal improper authorizationEPSS 0.4%CVE-2026-27407HIGHWordPress AI Engine plugin <= 3.4.9 - Privilege Escalation vulnerabilityEPSS 0.4%CVE-2025-4016MEDIUM20120630 Novel-Plus LogController.java deleteIndex improper authorizationEPSS 0.4%CVE-2024-51800CRITICALWordPress Homey theme <= 2.4.1 - Privilege Escalation vulnerabilityEPSS 0.4%