Falhas do tipo CWE-862
6.846 resultadosCVE-2025-32225MEDIUMWordPress WP Event Manager plugin <= 3.2.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-39996MEDIUMWordPress Accordion and Accordion Slider plugin <= 1.2.4 - Broken Access ControlEPSS 0.4%CVE-2025-32217MEDIUMWordPress Ai Image Alt Text Generator for WP plugin <= 1.1.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-38383MEDIUMWordPress Language plugin <= 1.2.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-38483MEDIUMWordPress Instant CSS plugin <= 1.1.4 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-38480MEDIUMWordPress Booster Elementor Addons plugin <= 1.4.9 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-32219MEDIUMWordPress eaSYNC plugin <= 1.3.19 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-31042MEDIUMWordPress Sandwich Adsense plugin <= 4.0.2 - Broken Access Control VulnerabilityEPSS 0.4%CVE-2025-31774MEDIUMWordPress plugin Astra Security Suite plugin<= 0.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2021-24968—Ultimate FAQ < 2.1.2 - Subscriber+ Arbitrary FAQ CreationEPSS 0.4%CVE-2023-28675MEDIUMA missing permission check in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.2 and earlier allows attackers to connect to a previously confEPSS 0.4%CVE-2024-12028MEDIUMFriends <= 3.2.1 - Missing AuthorizationEPSS 0.4%CVE-2024-13232HIGHWordPress Awesome Import & Export Plugin - Import & Export WordPress Data <= 4.1.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary SQL Execution/Privilege EscalationEPSS 0.4%CVE-2026-6222MEDIUMForminator Forms <= 1.51.1 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Disclosure via 'forminator_action' ParameterEPSS 0.4%CVE-2024-13656HIGHClick Mag - Viral WordPress News Magazine/Blog Theme <= 3.6.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options DeletionEPSS 0.4%CVE-2024-4280MEDIUMWhite Label CMS <= 2.7.3 - Missing Authorization to Plugin Settings ResetEPSS 0.4%CVE-2024-33941MEDIUMWordPress iPanorama 360 plugin <= 1.8.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-32127MEDIUMWordPress Multi Rating plugin <= 5.0.6 - Unauth Arbitrary rating value changeEPSS 0.4%CVE-2026-8383MEDIUMLearnPress < 4.3.7 - Unauthenticated Sensitive User Information Disclosure via REST APIEPSS 0.4%CVE-2024-54217MEDIUMWordPress ARForms plugin <= 6.4.1 - Subscriber+ Plugin Settings Change vulnerabilityEPSS 0.4%