Falhas do tipo CWE-862
7.033 resultadosCVE-2025-47709MEDIUMEnterprise MFA - TFA for Drupal - Critical - Access bypass - SA-CONTRIB-2025-055EPSS 0.2%CVE-2026-4764CRITICALPrivilege Escalation in Dialogflow CX via Playbook ImportEPSS 0.2%CVE-2025-53571MEDIUMWordPress HAPPY plugin <= 1.0.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-14074MEDIUMPDF for Contact Form 7 + Drag and Drop Template Builder <= 6.3.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post DuplicationEPSS 0.2%CVE-2024-11916HIGHThe Ultimate WordPress Toolkit – WP Extended <= 3.0.11 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site ScriptingEPSS 0.2%CVE-2026-32736MEDIUMHytale Modding Wiki has Insecure Direct Object Reference / GDPR PII ExposureEPSS 0.2%CVE-2025-58198MEDIUMWordPress Xpro Theme Builder Plugin <= 1.2.9 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-10616MEDIUMnextlevelbuilder GoClaw Team Task Completion team_tasks_lifecycle.go TeamTasksTool.executeComplete authorizationEPSS 0.2%CVE-2025-68608HIGHWordPress Userpro plugin <= 5.1.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25312HIGHWordPress EventPrime plugin <= 4.2.8.3 - Payment Bypass vulnerabilityEPSS 0.2%CVE-2025-62048MEDIUMWordPress SmartCrawl plugin <= 3.14.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-54458MEDIUMUnauthorized Subscription Creation to Confluence Space in Mattermost Confluence PluginEPSS 0.2%CVE-2025-69012MEDIUMWordPress Event Organiser plugin <= 3.12.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-31942HIGHLibreChat has IDOR in API Keys Management that allows any authenticated user to overwrite other users' API keysEPSS 0.2%CVE-2025-53857LOWLack of Authorization on Get Channel Subscriptions for Autocomplete in Mattermost Confluence PluginEPSS 0.2%CVE-2025-44001MEDIUMUnauthorized Channel Subscription Read in Mattermost Confluence PluginEPSS 0.2%CVE-2026-27424MEDIUMWordPress Image Photo Gallery Final Tiles Grid plugin <= 3.6.11 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-54018MEDIUMWordPress CM Pop-Up banners plugin <= 1.8.4 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-14117MEDIUMfit2cloud Halo cross-site request forgeryEPSS 0.2%CVE-2026-1797MEDIUMTruebooker - Appointment Booking and Scheduler Plugin <= 1.1.4 - Sensitive Information Exposure via Views FilesEPSS 0.2%