Falhas do tipo CWE-266
948 resultadosCVE-2026-32520CRITICALWordPress RewardsWP plugin <= 1.0.4 - Privilege Escalation vulnerabilityEPSS 0.3%CVE-2026-49058CRITICALWordPress LoginPress Pro plugin <= 6.2.2 - Privilege Escalation vulnerabilityEPSS 0.3%CVE-2026-34901CRITICALWordPress iControlWP plugin <= 5.5.3 - Privilege Escalation vulnerabilityEPSS 0.3%CVE-2026-27983CRITICALWordPress LMS Elementor Pro plugin <= 1.0.4 - Privilege Escalation vulnerabilityEPSS 0.3%CVE-2026-22337CRITICALWordPress Directorist Social Login plugin < 2.1.4 - Privilege Escalation vulnerabilityEPSS 0.3%CVE-2026-42731CRITICALWordPress miniorange otp verification plugin <= 5.4.9 - Privilege Escalation vulnerabilityEPSS 0.3%CVE-2025-46203MEDIUMAn issue in Unifiedtransform v2.0 allows a remote attacker to escalate privileges via the /students/edit/{id} endpoint.EPSS 0.3%CVE-2025-6702MEDIUMlinlinjava litemall post improper authorizationEPSS 0.3%CVE-2026-1193MEDIUMMineAdmin View view improper authorizationEPSS 0.3%CVE-2025-11281LOWFrappe LMS Unpublished Course courses access controlEPSS 0.3%CVE-2025-48165HIGHWordPress DELUCKS SEO Plugin <= 2.6.0 - Privilege Escalation VulnerabilityEPSS 0.3%CVE-2025-11440MEDIUMJhumanJ OpnForm edit access controlEPSS 0.3%CVE-2026-2561MEDIUMJingDong JD Cloud Box AX6600 jdcweb_rpc jdcapi web_get_ddns_uptime privileges managementEPSS 0.3%CVE-2025-14206MEDIUMSourceCodester Online Student Clearance System Fee Table delete-fee.php improper authorizationEPSS 0.3%CVE-2026-2562MEDIUMJingDong JD Cloud Box AX6600 jdcweb_rpc jdcapi cast_streen privileges managementEPSS 0.3%CVE-2025-23407MEDIUMIncorrect privilege assignment vulnerability in the WEB UI (the setting page) exists in Wi-Fi AP UNIT 'AC-WPS-11ac series'. If exploited, a EPSS 0.3%CVE-2025-0628HIGHImproper Authorization in BerriAI/litellmEPSS 0.3%CVE-2024-11485MEDIUMCode4Berry Decoration Management System User userregister.php permissionEPSS 0.3%CVE-2025-64761HIGHOpenBao Privileged Operator Identity Group Root EscalationEPSS 0.3%CVE-2026-5330MEDIUMSourceCodester/mayuri_k Best Courier Management System User Delete ajax.php access controlEPSS 0.3%