Falhas do tipo CWE-862
6.883 resultadosCVE-2025-29000HIGHWordPress Multi-language Responsive Contact Form plugin <= 2.8 - Broken Access Control VulnerabilityEPSS 0.4%CVE-2024-1937HIGHBrizy – Page Builder <= 2.4.44 - Missing Authorization to Authenticated (Contributor+) Post ModificationEPSS 0.4%CVE-2024-5997MEDIUMDuplica <= 0.6 - Authenticated (Subscriber+) Missing Authorization to Users/Posts Duplicates CreationEPSS 0.4%CVE-2023-51494MEDIUMWordPress WooCommerce Product Vendors plugin <= 2.2.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-35661MEDIUMWordPress Upload Fields for WPForms plugin <= 1.0.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-43331MEDIUMWordPress WP SMS plugin <= 6.9.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-32544HIGHWordPress WooCommerce Loyal Customers plugin <= 2.6 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-30885MEDIUMWWBN AVideo - Unauthenticated IDOR - Playlist Information DisclosureEPSS 0.4%CVE-2025-6253HIGHUiCore Elements <= 1.3.0 - Missing Authorization to Unauthenticated Arbitrary File ReadEPSS 0.4%CVE-2024-31421MEDIUMWordPress Popup by Supsystic plugin <= 1.10.27 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-30544MEDIUMWordPress Whizzy plugin <= 1.1.18 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-33545MEDIUMWordPress WZone plugin <= 14.0.10 - Unauthenticated Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-32799MEDIUMWordPress Easy Property Listings plugin <= 3.5.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2019-14822—A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus oEPSS 0.4%CVE-2026-8934MEDIUMCross-Project Information Leakage in Google App Engine UIEPSS 0.4%CVE-2026-44321HIGHfree5GC: SMF UPI POST /upi/v1/upNodesLinks exits the SMF process on overlapping UE pools (unauthenticated, reachable Fatalf)EPSS 0.4%CVE-2023-44258MEDIUMWordPress Schema App Structured Data plugin <= 1.23.1 - Broken Access Control + CSRF vulnerabilityEPSS 0.4%CVE-2025-30916MEDIUMWordPress Residential Address Detection plugin <= 2.5.4 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-45649MEDIUMWordPress Appointment Hour Booking plugin <= 1.4.23 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-54254MEDIUMWordPress Message Filter for Contact Form 7 plugin <= 1.6.3 - Broken Access Control vulnerabilityEPSS 0.4%