Falhas do tipo CWE-639
1.528 resultadosCVE-2024-10666MEDIUMEasy Twitter Feed – Twitter feeds plugin for WP <= 1.2.6 - Authenticated (Contributor+) Post ExposureEPSS 0.4%CVE-2022-31027MEDIUMAuthorization Bypass Through User-Controlled Key when using CILogonOAuthenticator in oauthenticatorEPSS 0.4%CVE-2025-12288MEDIUMBdtask Pharmacy Management System User Profile edit_user authorizationEPSS 0.4%CVE-2024-7473HIGHIDOR Vulnerability in lunary-ai/lunaryEPSS 0.4%CVE-2024-10868MEDIUMEnter Addons – Ultimate Template Builder for Elementor <= 2.1.9 - Authenticated (Contributor+) Post DisclosureEPSS 0.4%CVE-2024-9819MEDIUMIDOR in NextGEO's NG AnalyserEPSS 0.4%CVE-2024-9554MEDIUMSovell Smart Canteen System Password Reset suanfa.py Check_ET_CheckPwdz201 authorizationEPSS 0.4%CVE-2019-25235HIGHSmartwares HOME easy 1.0.9 Client-Side Authentication Bypass via Web PagesEPSS 0.4%CVE-2024-43315HIGHWordPress Stripe Payments For WooCommerce plugin <= 1.9.1 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.4%CVE-2019-19755CRITICALethOS through 1.3.3 ships with SSH host keys baked into the installation image, which allows man-in-the-middle attacks and makes identificatEPSS 0.4%CVE-2025-67165CRITICALAn Insecure Direct Object Reference (IDOR) in Pagekit CMS v1.0.18 allows attackers to escalate privileges.EPSS 0.4%CVE-2025-30777MEDIUMWordPress Support Genix plugin <= 1.4.11 - Insecure Direct Object References (IDOR) VulnerabilityEPSS 0.4%CVE-2024-5977MEDIUMGiveWP – Donation Plugin and Fundraising Platform <= 3.13.0 - Insecure Direct Object Reference to Authenticated (GiveWP Worker+) Arbitrary Post ActionsEPSS 0.4%CVE-2023-47191MEDIUMWordPress Youzify Plugin <= 1.2.2 is vulnerable to Insecure Direct Object References (IDOR)EPSS 0.4%CVE-2026-29002HIGHCouchCMS Privilege Escalation via f_k_levels_list ParameterEPSS 0.4%CVE-2026-35430HIGHAzure Privileged Identity Management (PIM) Elevation of Privilege VulnerabilityEPSS 0.4%CVE-2026-2347CRITICALIDOR in Akıllı Ticaret's E-Commerce PackEPSS 0.4%CVE-2026-25497HIGHCraft has a GraphQL Asset Mutation Privilege EscalationEPSS 0.4%CVE-2026-32761MEDIUMFile Browser has an Authorization Policy Bypass in its Public Share Download FlowEPSS 0.4%CVE-2026-7648MEDIUMLearnPress – WordPress LMS Plugin for Create and Sell Online Courses <= 4.3.5 - Authenticated (Subscriber+) Payment Bypass to Free Course Enrollment via 'quantity' ParameterEPSS 0.4%