Falhas do tipo CWE-862
7.027 resultadosCVE-2025-58919MEDIUMWordPress Wide Banner plugin <= 1.0.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-58004MEDIUMWordPress DriCub Theme <= 2.9 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-49221LOWUnauthenticated Access to Channel Subscription in Mattermost Confluence PluginEPSS 0.2%CVE-2025-58000MEDIUMWordPress Memberful plugin <= 1.75.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-0548MEDIUMTutor LMS – eLearning and online course solution <= 3.9.4 - Missing Authorization to Authenticated (Subscriber+) Limited Attachment DeletionEPSS 0.2%CVE-2024-42377MEDIUMMultiple Missing Authorization Check vulnerabilities in SAP Shared Service FrameworkEPSS 0.2%CVE-2025-64222HIGHWordPress WooCommerce Recover Abandoned Cart plugin <= 24.6.0 - Arbitrary Content Deletion vulnerabilityEPSS 0.2%CVE-2025-59021MEDIUMTYPO3 CMS Allows Broken Access Control in Redirects ModuleEPSS 0.2%CVE-2026-56061HIGHWordPress Subscriptions for WooCommerce plugin <= 1.9.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-27386HIGHWordPress DesignThemes Directory Addon plugin <= 1.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-23517MEDIUMFleet has an Access Control vulnerability in debug/pprof endpointsEPSS 0.2%CVE-2026-40741HIGHWordPress Redsys for WooCommerce Light plugin <= 7.0.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-23944MEDIUMApache ZooKeeper: Information disclosure in persistent watcher handlingEPSS 0.2%CVE-2026-50007HIGHActual: Shared users can perform owner-only file management actionsEPSS 0.2%CVE-2026-25876MEDIUMPlaciPy is Missing Authorization on Assessment Results EndpointEPSS 0.2%CVE-2024-0122HIGHNVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an attacker may cause an unauthorized action. EPSS 0.2%CVE-2025-68882HIGHWordPress Scalenut plugin <= 1.1.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39524HIGHWordPress Masteriyo - LMS plugin <= 2.1.5 - Payment Bypass vulnerabilityEPSS 0.2%CVE-2026-24590MEDIUMWordPress Paid Videochat Turnkey Site plugin <= 7.3.23 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-34898HIGHWordPress Event Tickets Manager for WooCommerce plugin <= 1.5.3 - Broken Access Control vulnerabilityEPSS 0.2%