Falhas do tipo CWE-862
6.960 resultadosCVE-2025-67969MEDIUMWordPress UPI QR Code Payment Gateway for WooCommerce plugin <= 1.5.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-30851MEDIUMWordPress Tickera plugin <= 3.5.5.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-3037MEDIUMyzk2356911358 StudentServlet-JSP cross-site request forgeryEPSS 0.3%CVE-2026-12472MEDIUMKirki <= 6.0.11 - Missing Authorization to Unauthenticated Arbitrary Email Content Injection (Mail Relay / Phishing) via 'emailBody' and 'emailSubject' ParametersEPSS 0.3%CVE-2026-7050MEDIUMForms Rb <= 1.1.9 - Missing Authorization to Authenticated (Contributor+) Arbitrary Modification via 'form_id' ParameterEPSS 0.3%CVE-2025-26928MEDIUMWordPress Order Limit for WooCommerce plugin <= 3.0.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-30639HIGHWordPress IDonatePro Plugin <= 2.1.9 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-1981MEDIUMWinston AI <= 0.0.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings DeletionEPSS 0.3%CVE-2026-0718MEDIUMPost Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX <= 5.0.5 - Missing Authorization to Limited Post Meta ModificationEPSS 0.3%CVE-2025-63054MEDIUMWordPress Quiz And Survey Master plugin <= 10.3.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-31214MEDIUMWordPress WP Quick Post Duplicator plugin <= 2.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-6883MEDIUMEvent Espresso 4 Decaf – Event Registration Event Ticketing <= 4.10.46.decaf- Authenticated (Subscriber+) Missing Authorization to Limited Plugin Settings ModificationEPSS 0.3%CVE-2025-32208MEDIUMWordPress Hive Support plugin <= 1.2.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2019-25351HIGHCentova Cast 3.2.11 - Arbitrary File DownloadEPSS 0.3%CVE-2025-47563MEDIUMWordPress CURCY plugin <= 2.3.7 - Arbitrary Shortcode Execution vulnerabilityEPSS 0.3%CVE-2022-32966MEDIUMRealtek RTL8111FP-CG - Missing AuthorizationEPSS 0.3%CVE-2026-39658MEDIUMWordPress Panda Pods Repeater Field plugin <= 1.5.12 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-14895MEDIUMPopupKit <= 2.2.0 - Missing Authorization to Sensitive Information Disclosure and Data DeletionEPSS 0.3%CVE-2025-5957MEDIUMGuest Support – Complete customer support ticket system for WordPress <= 1.2.2 - Missing Authorization to Unauthenticated Ticket DeletionEPSS 0.3%CVE-2025-63049MEDIUMWordPress ListingPro Lead Form plugin <= 1.0.7 - Broken Access Control vulnerabilityEPSS 0.3%