Falhas do tipo CWE-862
6.911 resultadosCVE-2026-24134MEDIUMStudioCMS has an Authorization Bypass Through User-Controlled KeyEPSS 0.3%CVE-2026-24606MEDIUMWordPress Bayarcash WooCommerce plugin <= 4.3.13 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-12826MEDIUMCustom Post Type UI <= 1.18.0 - Missing Authorization to Unauthenticated (Previously Administrator+) Custom Post Type ModificationEPSS 0.3%CVE-2026-12094MEDIUMAdvanced Contact Form 7 <= 1.0.0 - Missing Authorization to Unauthenticated Arbitrary Contact Form Submission Deletion via 'form_id' ParameterEPSS 0.3%CVE-2026-42433HIGHOpenClaw < 2026.4.10 - Unauthorized Matrix Profile Config Persistence Access via operator.write Message ToolsEPSS 0.3%CVE-2025-8357MEDIUMMedia Library Assistant <= 3.27 - Authenticated (Author+) Limited File DeletionEPSS 0.3%CVE-2023-40603MEDIUMWordPress Simple Org Chart plugin <= 2.3.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-32814MEDIUMWordPress Advanced Local Pickup for WooCommerce plugin <= 1.6.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-11438MEDIUMJhumanJ OpnForm API Endpoint custom-domains authorizationEPSS 0.3%CVE-2026-30850MEDIUMParse Server: File metadata endpoint bypasses `beforeFind` / `afterFind` trigger authorizationEPSS 0.3%CVE-2025-64348CRITICALELOG configuration file authorization bypassEPSS 0.3%CVE-2023-40672MEDIUMWordPress Sticky Social Media Icons plugin <= 2.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-7822MEDIUMWP Wallcreeper <= 1.6.1 - Missing Authorization to Authenticated (Susbcriber+) Cache Enable/DisableEPSS 0.3%CVE-2025-39541MEDIUMWordPress WP Simple Booking Calendar plugin <= 2.0.13 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-51670MEDIUMWordPress FunnelKit Checkout plugin <= 3.10.3 - Authenticated Arbitrary Plugin Activation vulnerabilityEPSS 0.3%CVE-2025-58680MEDIUMWordPress Gutentor plugin <= 3.5.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-20164HIGHA vulnerability in the Cisco Industrial Ethernet Switch Device Manager (DM) of Cisco IOS Software could allow an authenticated, remote attacEPSS 0.3%CVE-2026-8610MEDIUMTypeSquare Webfonts for ConoHa <= 2.0.4 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Modification via 'fontThemeUseType' ParameterEPSS 0.3%CVE-2025-58678MEDIUMWordPress Accordion Plugin <= 2.3.15 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-50031MEDIUMWordPress DB Backup <= 6.0 - Broken Access Control VulnerabilityEPSS 0.3%