Falhas do tipo CWE-862
7.023 resultadosCVE-2026-24568MEDIUMWordPress WP Travel plugin <= 11.1.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32345MEDIUMWordPress Perfect Portfolio theme <= 1.2.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39643MEDIUMWordPress Payment Plugins for PayPal WooCommerce plugin <= 2.0.13 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39663MEDIUMWordPress TrueBooker plugin <= 1.1.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66133MEDIUMWordPress WP Cookie Notice for GDPR, CCPA & ePrivacy Consent plugin <= 4.0.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25386MEDIUMWordPress Ally plugin <= 4.0.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32347MEDIUMWordPress Restaurant and Cafe theme <= 1.2.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-64634MEDIUMWordPress Avada theme <= 7.13.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-12165MEDIUMWebcake – Landing Page Builder <= 1.1 - Missing Authorization to Authenticated (Subscriber+) Settings UpdateEPSS 0.2%CVE-2025-68591MEDIUMWordPress Simple File List plugin <= 6.1.18 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66104MEDIUMWordPress Offload, AI & Optimize with Cloudflare Images plugin <= 1.9.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39622MEDIUMWordPress Education Base theme <= 3.0.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-49349MEDIUMWordPress Reuters Direct plugin <= 3.0.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39691MEDIUMWordPress Cryptocurrency Donation Box – Bitcoin & Crypto Donations plugin <= 2.2.13 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-12180MEDIUMQi Blocks <= 1.4.3 - Missing Authorization to Authenticated (Contributor+) Plugin Settings UpdateEPSS 0.2%CVE-2026-32350MEDIUMWordPress Chocolate House theme <= 1.1.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-64636MEDIUMWordPress Donation Thermometer plugin <= 2.2.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66128MEDIUMWordPress Sendinblue for WooCommerce plugin <= 4.0.49 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68593MEDIUMWordPress WP Adminify plugin <= 4.0.6.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-14450MEDIUMWallet System for WooCommerce <= 2.7.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Wallet Balance ManipulationEPSS 0.2%