Falhas do tipo CWE-862
7.009 resultadosCVE-2025-52818HIGHWordPress Trusty Whistleblowing plugin <= 2.0.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-4202MEDIUMMulticollab: Content Team Collaboration and Editorial Workflow <= 5.2 - Missing Authorization to Authenticated (Subscriber+) Collaboration CommentEPSS 0.2%CVE-2024-55070LOWA Broken Object Level Authorization vulnerability in the component /households/permissions of hay-kot mealie v2.2.0 allows group managers toEPSS 0.2%CVE-2024-44156HIGHA path deletion vulnerability was addressed by preventing vulnerable code from running with privileges. This issue is fixed in macOS SequoiaEPSS 0.2%CVE-2025-14886MEDIUMJapanized for WooCommerce <= 2.7.17 - Missing Authorization to Unauthenticated Order Status ModificationEPSS 0.2%CVE-2024-55408MEDIUMAn improper access control vulnerability in the AsusSAIO.sys driver may lead to the misuse of software functionality utilizing the driver whEPSS 0.2%CVE-2026-33214MEDIUMWeblate has improper access control for the translation memory APIEPSS 0.2%CVE-2025-14633MEDIUMF70 Lead Document Download <= 1.4.4 - Missing Authorization to Unauthenticated Arbitrary Media File DownloadEPSS 0.2%CVE-2026-3567MEDIUMRepairBuddy <= 4.1132 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Modification via wc_rep_shop_settings_submission AJAX ActionEPSS 0.2%CVE-2025-67560MEDIUMWordPress Listdom plugin <= 5.0.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62916MEDIUMWordPress Flights & Hotels Booking WP Plugin plugin <= 3.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-54025MEDIUMWordPress Coupon Affiliates Plugin <= 6.4.0 - Settings Change VulnerabilityEPSS 0.2%CVE-2025-14034MEDIUMilGhera Support System for WooCommerce <= 1.2.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Ticket DeletionEPSS 0.2%CVE-2025-39362MEDIUMWordPress Mollie Payments for WooCommerce plugin <= 8.0.2 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.2%CVE-2025-14365MEDIUMEyewear prescription form <= 6.0.1 - Missing Authorization to Unauthenticated Arbitrary WooCommerce Category DeletionEPSS 0.2%CVE-2025-47585MEDIUMWordPress Booking and Rental Manager plugin <= 2.3.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-53230HIGHWordPress Page Manager for Elementor Plugin <= 2.0.5 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-13312MEDIUMCRM Memberships <= 2.5 - Missing Authorization to Unauthenticated 'ntzcrm_add_new_tag' AJAX ActionEPSS 0.2%CVE-2026-39701MEDIUMWordPress ShopWP plugin <= 5.2.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-14366MEDIUMEyewear prescription form <= 6.0.1 - Missing Authorization to Unauthenticated Arbitrary WooCommerce Product CreationEPSS 0.2%