Falhas do tipo CWE-862
6.850 resultadosCVE-2023-51682MEDIUMWordPress MC4WP plugin <= 4.9.9 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2020-36702MEDIUMSpectra – WordPress Gutenberg Blocks <= 1.14.7 - Missing AuthorizationEPSS 0.4%CVE-2024-11323HIGHAI Quiz | Quiz Maker <= 1.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options UpdateEPSS 0.4%CVE-2024-43209MEDIUMWordPress Bitly's WordPress Plugin plugin <= 2.7.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-1844MEDIUMRevivePress – Keep your Old Content Evergreen <= 1.5.6 - Missing AuthorizationEPSS 0.4%CVE-2024-43235HIGHWordPress Meta Box plugin <= 5.9.10 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-31073MEDIUMWordPress Shortcode to display post and user data plugin <= 1.2.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-4282MEDIUMEmbedPress <= 3.8.2 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Delete via admin_post_remove and remove_private_dataEPSS 0.4%CVE-2024-38771MEDIUMWordPress Atarim plugin <= 4.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-25993MEDIUMWordPress Top 10 – Popular posts plugin for WordPress plugin <= 3.2.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-36113MEDIUMDiscourse missing authorization checks for suspending admins/moderatorsEPSS 0.4%CVE-2024-10003MEDIUMRover IDX <= 3.0.0.2903 - Authenticated (Subscriber+) Missing Authorization via Multiple FunctionsEPSS 0.4%CVE-2026-33950CRITICALsignalk-server: Privilege Escalation by Admin Role Injection via /enableSecurityEPSS 0.4%CVE-2025-15406MEDIUMPHPGurukul Online Course Registration authorizationEPSS 0.4%CVE-2024-43254MEDIUMWordPress Smart Online Order for Clover plugin <= 1.5.6 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-10579MEDIUMHustle – Email Marketing, Lead Generation, Optins, Popups <= 7.8.5 - Missing Authorization to Unpublished Form ExposureEPSS 0.4%CVE-2023-37890MEDIUMWordPress KB Support Plugin <= 1.5.88 is vulnerable to Broken Access ControlEPSS 0.4%CVE-2024-11271HIGHWordPress Webinar Plugin – WebinarPress <= 1.33.24 - Missing Authorization to Authenticated (Subscriber+) Webinar UpdatesEPSS 0.4%CVE-2024-43355MEDIUMWordPress JoomSport plugin <= 5.3.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-30233MEDIUMOliveTin: View permission not being checked when returning dashboardsEPSS 0.4%