Falhas do tipo CWE-862
7.018 resultadosCVE-2025-58969MEDIUMWordPress Custom Login URL Plugin <= 1.0.2 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-1781MEDIUMMC4WP: Mailchimp for WordPress <= 4.11.1 - Missing Authorization to Unauthenticated Arbitrary Subscription DeletionEPSS 0.3%CVE-2025-64255LOWWordPress Admin and Site Enhancements (ASE) plugin <= 8.0.8 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-50283MEDIUMCraft CMS: Unauthorized Deletion of Source Assets During File ReplacementEPSS 0.3%CVE-2022-2405MEDIUMWP Popup Builder < 1.3.0 - Subscriber+ Arbitrary Popup DeletionEPSS 0.3%CVE-2025-12202MEDIUMajayrandhawa User-Management-PHP-MYSQL web cross-site request forgeryEPSS 0.3%CVE-2026-24587MEDIUMWordPress AJAX Hits Counter + Popular Posts Widget plugin <= 0.10.210305 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-13921MEDIUMweDocs <= 2.1.16 - Missing Authorization to Authenticated (Subscriber+) Documentation Post UpdateEPSS 0.3%CVE-2026-24560MEDIUMWordPress Cloudinary plugin <= 3.3.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-24561MEDIUMWordPress FluentBoards plugin <= 1.91.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-32296MEDIUMWordPress Simple Link Directory Pro plugin < 14.8.1 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-49997MEDIUMWordPress Giveaways and Contests by RafflePress plugin <= 1.12.18 - Broken Access Control + CSRF VulnerabilityEPSS 0.3%CVE-2026-24595MEDIUMWordPress Zoho CRM Lead Magnet plugin <= 1.8.1.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-43214MEDIUMWordPress myCred plugin <= 2.7.2 - Sensitive Data Exposure vulnerabilityEPSS 0.3%CVE-2025-41765CRITICALUnchecked role in wwwupload.cgiEPSS 0.3%CVE-2025-4370MEDIUMBrizy <= 2.6.20 - Missing Authorization to Unauthenticated Limited File UploadEPSS 0.3%CVE-2025-10313HIGHFind And Replace content for WordPress <= 1.1 - Missing Authorization to Unauthenticated Stored Cross-Site ScriptingEPSS 0.3%CVE-2025-53986MEDIUMWordPress Hestia theme <= 3.2.10 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-50008MEDIUMWordPress WooCommerce Manager – Customize and Control Cart page, Add to Cart button, Checkout fields easily plugin <= 1.2.4.5 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-7563MEDIUMClassified Listing <= 5.3.10 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Modification via add_order_note and send_email_to_user_by_moderator AJAX ActionsEPSS 0.3%