Falhas do tipo CWE-862
6.917 resultadosCVE-2026-30970HIGHSession authentication bypass in Coral Server session creation endpointEPSS 0.3%CVE-2024-37483MEDIUMWordPress The Post Grid plugin <= 7.7.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-25929MEDIUMWordPress Product Catalog Mode For Woocommerce plugin <= 5.0.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-1336MEDIUMAI ChatBot with ChatGPT and Content Generator by AYS <= 2.7.5 - Missing Authorization to Unauthenticated API Key ModificationEPSS 0.3%CVE-2023-36694MEDIUMWordPress Kingkong Board plugin <= 2.1.0.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-3477MEDIUMPZ Frontend Manager <= 1.0.6 - Missing Authorization to Arbitrary User Deletion via 'dataType' ParameterEPSS 0.3%CVE-2024-25643MEDIUMMissing authorization check in SAP Fiori app (My Overtime Requests)EPSS 0.3%CVE-2026-35033CRITICALJellyfin: Potential SSRF + Arbitrary file read via stream argument injectionEPSS 0.3%CVE-2025-1666MEDIUMCookie banner plugin for WordPress – Cookiebot CMP by Usercentrics <= 4.4.1 - Missing Authorization to Authenticated (Subscriber+) Survey SubmissionEPSS 0.3%CVE-2024-54323MEDIUMWordPress New User Approve plugin <= 2.6.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-24741MEDIUMMissing Authorization check in SAP Master Data Governance MaterialEPSS 0.3%CVE-2024-11724MEDIUMCookie Consent for WP – Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) <= 3.6.5 - Missing Authorization to Authenticated (Subscriber+) Whitelist ScriptEPSS 0.3%CVE-2023-41296—Vulnerability of missing authorization in the kernel module. Successful exploitation of this vulnerability may affect integrity and confidenEPSS 0.3%CVE-2024-49321MEDIUMWordPress Simple Custom Post Order plugin <= 2.5.7 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-1813MEDIUMzj1983 zz cross-site request forgeryEPSS 0.3%CVE-2026-8681MEDIUMEssential Chat Support <= 1.0.1 - Missing Authorization to Unauthenticated Settings Reset via 'ecs_reset_settings' ParameterEPSS 0.3%CVE-2024-13449MEDIUMBoom Fest <= 2.2.1 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings UpdateEPSS 0.3%CVE-2023-29237MEDIUMWordPress Remove Duplicate Posts plugin <= 1.3.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-9686MEDIUMOrder Notification for Telegram <= 1.0.1 - Missing Authorization to Unauthenticated Send Telegram Test MessageEPSS 0.3%CVE-2025-28965HIGHWordPress URL Shortener <= 3.0.7 - Broken Access Control VulnerabilityEPSS 0.3%