Falhas do tipo CWE-862
6.960 resultadosCVE-2026-54846HIGHWordPress Syncee Premium Dropshipping & Wholesale plugin <= 1.0.27 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-8684MEDIUMMotoPress Hotel Booking <= 6.0.1 - Missing Authorization to Unauthenticated Arbitrary Booking Notes Modification via mphb_update_booking_notes AJAX ActionEPSS 0.3%CVE-2025-66079MEDIUMWordPress Gutenverse Form plugin <= 2.2.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-44719MEDIUMMathesar: Missing collaborator checks allowed access to database-scoped Mathesar metadataEPSS 0.3%CVE-2026-9350MEDIUMNousResearch hermes-agent Batch Runner approval.py check_all_command_guards authorizationEPSS 0.3%CVE-2026-24382HIGHWordPress News Magazine X theme <= 1.2.50 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-25026HIGHWordPress Team plugin <= 5.0.11 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-39631MEDIUMWordPress WPSchoolPress plugin <= 2.2.35 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-67974HIGHWordPress WPLegalPages plugin <= 3.5.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-30889MEDIUMDiscourse has Unauthorized Post Data Exposure in discourse-user-notesEPSS 0.3%CVE-2025-69303HIGHWordPress ModelTheme Framework plugin < 2.0.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-48116MEDIUMWordPress EventON plugin <= 2.4.4 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-54837HIGHWordPress Intranet & Private Site – All-In-One Intranet plugin <= 1.8.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-47422MEDIUMFrappe: Unrestricted API access to save_reportEPSS 0.3%CVE-2026-42666HIGHWordPress Salon booking system plugin <= 10.30.25 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-3475MEDIUMInstant Popup Builder <= 1.1.7 - Unauthenticated Arbitrary Shortcode Execution via 'token' ParameterEPSS 0.3%CVE-2026-44718MEDIUMMathesar: Missing collaborator checks allowed access to saved explorations in other databasesEPSS 0.3%CVE-2026-44975MEDIUMFrappe: Missing authorization on reset form toursEPSS 0.3%CVE-2025-49509MEDIUMWordPress Audio Editor & Recorder plugin <= 2.2.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-54847HIGHWordPress Stylish Cost Calculator plugin <= 8.3.9 - Broken Access Control vulnerabilityEPSS 0.3%