Falhas do tipo CWE-862
6.946 resultadosCVE-2025-23963MEDIUMWordPress Mark Posts plugin <= 2.2.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-47463HIGHWordPress Stock Locations for WooCommerce plugin <= 2.8.6 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2023-40625MEDIUMMissing Authorization check in SAP Manage Purchase Contracts AppEPSS 0.3%CVE-2025-49723HIGHWindows StateRepository API Server file Tampering VulnerabilityEPSS 0.3%CVE-2026-48835HIGHWordPress Contact Form by WPForms plugin <= 1.10.0.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-22561MEDIUMWordPress Title Experiments Free plugin <= 9.0.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-10352CRITICALMissing Authorization vulnerability in Melis PlatformEPSS 0.3%CVE-2025-25120MEDIUMWordPress Slide Banners plugin <= 1.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-3651MEDIUMBuild App Online <= 1.0.23 - Missing Authorization to Arbitrary Post Author Modification via 'build-app-online-update-vendor-product' AJAX ActionEPSS 0.3%CVE-2026-33470MEDIUMFrigate has cross-camera snapshot disclosure via unrestricted timeline IDs and missing authorization in /api/events/{event_id}/snapshot-clean.webpEPSS 0.3%CVE-2026-3906MEDIUMWordPress 6.9 - 6.9.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Note Creation via REST APIEPSS 0.3%CVE-2024-27970MEDIUMWordPress WP SendFox plugin <= 1.3.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-47628MEDIUMWordPress QS Dark Mode plugin <= 3.0 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-45209HIGHWordPress MyCryptoCheckout plugin <= 2.161 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-56234MEDIUMWordPress VW Automobile Lite theme <= 2.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-39490HIGHWordPress JupiterX Core plugin <= 4.14.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-1504MEDIUMPost Lockdown <= 4.0.2 - Missing Authorization to Authenticated (Subscriber+) Post DisclosureEPSS 0.3%CVE-2023-39922MEDIUMWordPress Avada theme <= 7.11.1 - Authenticated Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-11353MEDIUMSMS for Lead Capture Forms <= 1.1.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Message DeletionEPSS 0.3%CVE-2024-9584MEDIUMImage Map Pro <= 6.0.20 - Missing Authorization to Authenticated (Contributor+) Map Project Add/Update/DeleteEPSS 0.3%