Falhas do tipo CWE-862
6.912 resultadosCVE-2026-4292LOWPrivilege abuse in ModelAdmin.list_editableEPSS 0.3%CVE-2025-39541MEDIUMWordPress WP Simple Booking Calendar plugin <= 2.0.13 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-30993MEDIUMWordPress Thank You Page Customizer for WooCommerce – Increase Your Sales <= 1.1.7 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-50031MEDIUMWordPress DB Backup <= 6.0 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-8610MEDIUMTypeSquare Webfonts for ConoHa <= 2.0.4 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Modification via 'fontThemeUseType' ParameterEPSS 0.3%CVE-2025-58680MEDIUMWordPress Gutentor plugin <= 3.5.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-47527HIGHWordPress Icegram Collect – Easy Form, Lead Collection and Subscription plugin <= 1.3.18 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-15070MEDIUMData Exposure in Gmission Web FAXEPSS 0.3%CVE-2025-14629MEDIUMAlchemist Ajax Upload <= 1.1 - Missing Authorization to Unauthenticated Arbitrary Media File DeletionEPSS 0.3%CVE-2026-1722MEDIUMWCFM Marketplace <= 3.7.0 - Insecure Direct Object Reference to Unauthenticated Arbitrary Refund Request CreationEPSS 0.3%CVE-2025-20164HIGHA vulnerability in the Cisco Industrial Ethernet Switch Device Manager (DM) of Cisco IOS Software could allow an authenticated, remote attacEPSS 0.3%CVE-2025-5956MEDIUMWP Human Resource Management 2.0.0 - 2.2.17 - Missing Authorization to Authenticated (Employee+) Arbitrary User Deletion via ajax_delete_employee FunctionEPSS 0.3%CVE-2025-41112HIGHMissing Authorization vulnerability in CanalDenuncia.appEPSS 0.3%CVE-2025-62049MEDIUMWordPress Cost Calculator Builder plugin <= 3.5.32 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-23541HIGHWordPress Mail Mint plugin <= 1.19.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-12606MEDIUMAI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K) <= 2.5 - Missing Authorization to Authenticated (Subscriber+) Settings UpdateEPSS 0.3%CVE-2025-41336HIGHMissing Authorization vulnerability in CanalDenuncia.appEPSS 0.3%CVE-2025-31858MEDIUMWordPress Local Magic plugin <= 2.9.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-41337HIGHMissing Authorization vulnerability in CanalDenuncia.appEPSS 0.3%CVE-2026-34903MEDIUMWordPress Ocean Extra plugin <= 2.5.3 - Broken Access Control vulnerabilityEPSS 0.3%