Falhas do tipo CWE-862
6.854 resultadosCVE-2024-38733MEDIUMWordPress Meks Video Importer plugin <= 1.0.12 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-3358MEDIUMTutor LMS <= 3.9.7 - Missing Authorization to Authenticated (Subscriber+) Unauthorized Private Course EnrollmentEPSS 0.4%CVE-2025-9747MEDIUMKoillection csrf_protection_controller.js cross-site request forgeryEPSS 0.4%CVE-2023-28168LOWWordPress WordPress Console plugin <= 0.3.9 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-23534MEDIUMWordPress WPLingo plugin <= 1.1.2 - Arbitrary Content Deletion vulnerabilityEPSS 0.4%CVE-2023-45636MEDIUMWordPress Backup & Migration plugin <= 1.4.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-23515MEDIUMWordPress ts-tree plugin <= 0.1.1 - Arbitrary Content Deletion vulnerabilityEPSS 0.4%CVE-2023-46632HIGHWordPress My Shortcodes plugin <= 2.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-23771MEDIUMWordPress Push Notification for Post and BuddyPress plugin <= 2.11 - Settings Change vulnerabilityEPSS 0.4%CVE-2025-23766MEDIUMWordPress OPSI Israel Domestic Shipments plugin <= 2.8.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-52950MEDIUMJuniper Security Director: Insufficient authorization for multiple endpoints in web interfaceEPSS 0.4%CVE-2025-5117HIGHProperty 1.0.5 - 1.0.6 - Missing Authorization to Authenticated (Author+) Privilege Escalation via property_package_user_role Metadata in PayPal RegistrationEPSS 0.4%CVE-2024-34442MEDIUMWordPress weDocs plugin <= 2.1.4 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-5468MEDIUMWordPress Header Builder Plugin – Pearl <= 1.3.7 - Missing Authorization to Unauthenticated Arbitrary Site Options DeletionEPSS 0.4%CVE-2026-4057MEDIUMDownload Manager <= 3.3.51 - Missing Authorization to Authenticated (Contributor+) Media File Protection RemovalEPSS 0.4%CVE-2024-9697MEDIUMSocial Rocket – Social Sharing Plugin <= 1.3.4 - Missing Authorization to Settings UpdateEPSS 0.4%CVE-2023-4700LOWMissing Authorization in GitLabEPSS 0.4%CVE-2026-26367HIGHJUNG eNet SMART HOME server 2.2.1/2.3.1 Arbitrary User Deletion via deleteUserAccountEPSS 0.4%CVE-2022-31597—Within SAP S/4HANA - versions S4CORE 101, 102, 103, 104, 105, 106, SAPSCORE 127, the application business partner extension for Spain/SlovakEPSS 0.4%CVE-2025-26960MEDIUMWordPress Small Package Quotes – Unishippers Edition plugin <= 2.4.9 - Broken Access Control vulnerabilityEPSS 0.4%