Falhas do tipo CWE-862
7.019 resultadosCVE-2025-53348MEDIUMWordPress Kalium Theme <= 3.18.3 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-60129MEDIUMWordPress Yext Plugin <= 1.1.3 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-5175MEDIUMImproper access control in the multi-factor authentication (MFA) management API in Devolutions Server allows an authenticated attacker to deEPSS 0.3%CVE-2025-41016HIGHMultiple vulnerabilities in DFUSION by DavantisEPSS 0.3%CVE-2025-60130MEDIUMWordPress WEDOS Global Plugin <= 1.2.2 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-42664HIGHWordPress AI Product Search for WooCommerce – Motive Commerce Search plugin <= 1.38.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-10579MEDIUMBackWPup <= 5.5.0 - Missing Authorization to Sensitive Information ExposureEPSS 0.3%CVE-2026-9013MEDIUMBogo <= 3.9.1 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure via REST APIEPSS 0.3%CVE-2025-62919MEDIUMWordPress TS Demo Importer plugin <= 0.1.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-60155MEDIUMWordPress WP Virtual Assistant Plugin <= 3.0 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-41017MEDIUMMultiple vulnerabilities in DFUSION by DavantisEPSS 0.3%CVE-2025-48262MEDIUMWordPress Url Rewrite Analyzer plugin <= 1.3.3 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-14592LOWMissing Authorization in GitLabEPSS 0.3%CVE-2023-36002MEDIUMITM Server Missing Authorization for URL validationEPSS 0.3%CVE-2025-58603MEDIUMWordPress Surfer Plugin <= 1.6.4.574 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-7492MEDIUMMissing Authorization in GitLabEPSS 0.3%CVE-2024-12825MEDIUMCustom Related Posts <= 1.7.3 - Missing Authorization to Authenticated (Subscriber+) Private Post Search and Relation UpdatesEPSS 0.3%CVE-2025-13092MEDIUMDevs CRM – Manage tasks, attendance and teams all together <= 1.1.8 - Unauthenticated Information ExpsoureEPSS 0.3%CVE-2025-62918MEDIUMWordPress IgnitionDeck plugin <= 2.0.15 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-27346MEDIUMWordPress B2BKing plugin < 5.2.10 - Broken Access Control vulnerabilityEPSS 0.3%