Falhas do tipo CWE-862
7.052 resultadosCVE-2026-41298MEDIUMOpenClaw < 2026.4.2 - Authorization Bypass in Session Termination EndpointEPSS 0.2%CVE-2026-24625MEDIUMWordPress File Uploads Addon for WooCommerce plugin <= 1.7.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66110MEDIUMWordPress Tiktok Feed plugin <= 1.0.23 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-58976MEDIUMWordPress Accessibility Checker by Equalize Digital Plugin <= 1.31.0 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-49857MEDIUMWordPress myCred plugin <= 2.9.4.2 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-66086MEDIUMWordPress SMS Alert Order Notifications plugin <= 3.8.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-48009LOWSingle Content Sync - Moderately critical - Access bypass - SA-CONTRIB-2025-060EPSS 0.2%CVE-2026-39967LOWTypeBot: Cross-Typebot Result Data Access via Missing typebotId FilterEPSS 0.2%CVE-2026-1927MEDIUMGreenShift - Animation and Page Builder Blocks <= 12.6 - Missing Authorization to Authenticated (Subscriber+) Information Disclosure of AI API Keys and Stored Cross-Site Scripting via custom_cssEPSS 0.2%CVE-2026-1667HIGHSEO Plugin by Squirrly SEO <= 14.0.0 - Unauthenticated Arbitrary Post Creation and Stored Cross-Site Scripting via savePost()EPSS 0.2%CVE-2025-0836MEDIUMXProtect MIP API Missing AuthorizationEPSS 0.2%CVE-2026-54322HIGHDaytona: Cross-org IDOR in organization role update/delete — any org owner can rewrite or destroy another org's rolesEPSS 0.2%CVE-2026-24368MEDIUMWordPress The Grid plugin < 2.8.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39653MEDIUMWordPress Video Conferencing with Zoom plugin <= 4.6.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-22481MEDIUMWordPress BD Courier Order Ratio Checker plugin <= 2.0.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25314MEDIUMWordPress TOP Table Of Contents plugin <= 1.3.31 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-24578MEDIUMWordPress Admin login URL Change plugin <= 1.1.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25330MEDIUMWordPress PublishPress Authors plugin <= 4.10.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25394MEDIUMWordPress Fitness FSE theme <= 1.0.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-22450MEDIUMWordPress Don Peppe theme <= 1.3 - Broken Access Control vulnerabilityEPSS 0.2%