Falhas do tipo CWE-862
6.843 resultadosCVE-2023-49757MEDIUMWordPress Awesome Support plugin <= 6.1.10 - Broken Access Control + CSRF vulnerabilityEPSS 0.5%CVE-2024-13060MEDIUMImproper Authorization in mintplex-labs/anything-llmEPSS 0.5%CVE-2024-5863MEDIUMEasy Image Collage <= 1.13.5 - Missing Authorization to Authenticated (Contributor+) Data ClearanceEPSS 0.5%CVE-2023-48774MEDIUMWordPress IdeaPush plugin < 8.58 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2025-65112CRITICALPubNet Critical Authentication Bypass Allows Unauthenticated Package Upload and Identity SpoofingEPSS 0.5%CVE-2024-5489MEDIUMWbcom Designs - Custom Font Uploader <= 2.3.4 - Missing Authorization to Font DeletionEPSS 0.5%CVE-2025-31012MEDIUMWordPress Age Gate plugin <= 3.5.4 - Broken Access Control VulnerabilityEPSS 0.5%CVE-2023-48324MEDIUMWordPress Awesome Support HelpDesk plugin <= 6.1.4 - Broken Access control vulnerabilityEPSS 0.5%CVE-2023-41690MEDIUMWordPress WiserNotify Social Proof plugin <= 2.5 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-41683MEDIUMWordPress TelSender plugin <= 1.14.11 - Broken Access Control + CSRF vulnerabilityEPSS 0.5%CVE-2023-36680MEDIUMWordPress Image Regenerate & Select Crop plugin <= 7.1.0 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-41952MEDIUMWordPress Fluent Forms plugin <= 5.0.8 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-41803MEDIUMWordPress BitPay Checkout for WooCommerce plugin <= 4.1.0 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2026-34976CRITICALDgraph Affected by Pre-Auth Database Overwrite + SSRF + File Read via restoreTenant Missing AuthorizationEPSS 0.5%CVE-2025-70146CRITICALMissing authentication in multiple administrative action scripts under /admin/ in ProjectWorlds Online Time Table Generator 1.0 allows remotEPSS 0.5%CVE-2023-36528MEDIUMWordPress kk Star Ratings plugin <= 5.4.3 - Rate Manipulation due to IP Spoofing VulnerabilityEPSS 0.5%CVE-2023-41688MEDIUMWordPress Bulk NoIndex & NoFollow Toolkit plugin <= 1.5 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-53298CRITICALDell PowerScale OneFS, versions 9.5.0.0 through 9.10.0.1, contains a missing authorization vulnerability in the NFS export. An unauthenticatEPSS 0.5%CVE-2024-33595MEDIUMWordPress Master Addons for Elementor plugin <= 2.0.5.4.1 - Broken Access Control on Duplicate Post vulnerabilityEPSS 0.5%CVE-2023-36526MEDIUMWordPress Duplicate Post Page Menu & Custom Post Type plugin <= 2.4.1 - Broken Access Control vulnerabilityEPSS 0.5%