Falhas do tipo CWE-862
6.960 resultadosCVE-2025-12849MEDIUMContest Gallery <= 28.0.2 - Missing AuthorizationEPSS 0.3%CVE-2026-7050MEDIUMForms Rb <= 1.1.9 - Missing Authorization to Authenticated (Contributor+) Arbitrary Modification via 'form_id' ParameterEPSS 0.3%CVE-2026-12472MEDIUMKirki <= 6.0.11 - Missing Authorization to Unauthenticated Arbitrary Email Content Injection (Mail Relay / Phishing) via 'emailBody' and 'emailSubject' ParametersEPSS 0.3%CVE-2025-26928MEDIUMWordPress Order Limit for WooCommerce plugin <= 3.0.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-12033MEDIUMJupiter X Core <= 4.8.5 - Missing Authorization to Authenticated Library SyncEPSS 0.3%CVE-2025-30639HIGHWordPress IDonatePro Plugin <= 2.1.9 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-67969MEDIUMWordPress UPI QR Code Payment Gateway for WooCommerce plugin <= 1.5.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-3037MEDIUMyzk2356911358 StudentServlet-JSP cross-site request forgeryEPSS 0.3%CVE-2025-22299MEDIUMWordPress AI for SEO plugin <= 1.2.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-24600MEDIUMWordPress RSVPMaker plugin <= 11.4.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-1981MEDIUMWinston AI <= 0.0.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings DeletionEPSS 0.3%CVE-2025-30851MEDIUMWordPress Tickera plugin <= 3.5.5.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-27783MEDIUMGitea issue-template APIs bypass repository unit authorizationEPSS 0.3%CVE-2025-22298MEDIUMWordPress Hive Support plugin <= 1.1.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-9331MEDIUMSpacious <= 1.9.11 - Missing Authorization to Autheticated (Subscriber+) Demo Data ImportEPSS 0.3%CVE-2025-52738MEDIUMWordPress Wikipedia Preview plugin <= 1.15.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-13493HIGHLatest Registered Users <= 1.4 - Missing Authorization to Unauthenticated Sensitive Information Exposure via User Data ExportEPSS 0.3%CVE-2025-31544MEDIUMWordPress Swiss Toolkit For WP plugin <= 1.4.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-68565MEDIUMWordPress Twitch Player plugin <= 2.1.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-32792MEDIUMWordPress Hummingbird plugin <= 3.7.3 - Broken Access Control vulnerabilityEPSS 0.3%