Falhas do tipo CWE-862
7.033 resultadosCVE-2026-25876MEDIUMPlaciPy is Missing Authorization on Assessment Results EndpointEPSS 0.2%CVE-2024-34824MEDIUMWordPress SportsPress – Sports Club & League Manager plugin <= 2.7.20 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-50007HIGHActual: Shared users can perform owner-only file management actionsEPSS 0.2%CVE-2026-23517MEDIUMFleet has an Access Control vulnerability in debug/pprof endpointsEPSS 0.2%CVE-2024-23944MEDIUMApache ZooKeeper: Information disclosure in persistent watcher handlingEPSS 0.2%CVE-2024-0122HIGHNVIDIA Delegated Licensing Service for all appliance platforms contains a vulnerability where an attacker may cause an unauthorized action. EPSS 0.2%CVE-2026-25810MEDIUMPlaciPy is Missing Object-Level Authorization in student.submission.routes.tsEPSS 0.2%CVE-2025-64222HIGHWordPress WooCommerce Recover Abandoned Cart plugin <= 24.6.0 - Arbitrary Content Deletion vulnerabilityEPSS 0.2%CVE-2026-27386HIGHWordPress DesignThemes Directory Addon plugin <= 1.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-34898HIGHWordPress Event Tickets Manager for WooCommerce plugin <= 1.5.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-24362MEDIUMWordPress Ultimate Post Kit plugin <= 4.0.21 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68025MEDIUMWordPress Addonify Floating Cart For WooCommerce plugin <= 1.2.17 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-13358MEDIUMAccessiy By CodeConfig Accessibility <= 1.0.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Page CreationEPSS 0.2%CVE-2023-35998MEDIUMITM Server Missing Authorization in SOAP EndpointsEPSS 0.2%CVE-2026-9199MEDIUMEqualize Digital Accessibility Checker <= 1.42.1 - Missing Authorization to Authenticated (Author+) Arbitrary Accessibility Issue Modification via 'largeBatch' ParameterEPSS 0.2%CVE-2025-14047MEDIUMWP User Frontend <= 4.2.4 - Missing Authorization to Unauthenticated Arbitrary Attachment DeletionEPSS 0.2%CVE-2025-68028MEDIUMWordPress GA4WP: Google Analytics for WordPress plugin <= 2.10.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68026MEDIUMWordPress LC Wizard plugin <= 2.1.1 - Settings Change vulnerabilityEPSS 0.2%CVE-2025-68024MEDIUMWordPress Addonify – WooCommerce Wishlist plugin <= 2.0.15 - Settings Change vulnerabilityEPSS 0.2%CVE-2026-47125HIGHArcane: Missing admin authorization on global variables endpointEPSS 0.2%