Falhas do tipo CWE-862
7.033 resultadosCVE-2026-49741HIGHTYPO3 CMS - Privilege Escalation & SQL Injection in Form FrameworkEPSS 0.2%CVE-2025-57997MEDIUMWordPress Trustpilot Reviews Plugin <= 2.5.925 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-1537MEDIUMLatePoint – Calendar Booking Plugin for Appointments and Events <= 5.2.6 - Missing Authorization to Booking Details ExposureEPSS 0.2%CVE-2026-27468MEDIUMMastodon may allow unconfirmed FASP to make subscriptionsEPSS 0.2%CVE-2025-13441MEDIUMHide Category by User Role for WooCommerce <= 2.3.1 - Missing Authorization to Unauthenticated Cache FlushingEPSS 0.2%CVE-2026-39432HIGHWordPress Timetics plugin <= 1.0.53 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-2208MEDIUMWeKan Rules rules.js RulesBleed authorizationEPSS 0.2%CVE-2025-8487MEDIUMKubio AI Page Builder <= 2.6.3 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin InstallationEPSS 0.2%CVE-2025-12043MEDIUMAutochat Automatic Conversation <= 1.1.9 - Missing Authorization to Unauthenticated Settings UpdateEPSS 0.2%CVE-2025-27294MEDIUMWordPress WP-Asambleas plugin <= 2.85.0 - Arbitrary Shortcode Execution vulnerabilityEPSS 0.2%CVE-2026-50084CRITICALAqara API cross-account accessEPSS 0.2%CVE-2024-32656HIGHAnt Media Server vulnerable to local privilege escalationEPSS 0.2%CVE-2026-58165HIGHOpenZiti - Privilege Escalation to Admin via Unauthorized Enrollment CreationEPSS 0.2%CVE-2024-10663MEDIUMEleblog – Elementor Blog And Magazine Addons <= 1.8 - Missing Authorization to Authenticated (Subscriber+) Deactivation SubmissionEPSS 0.2%CVE-2026-33918HIGHOpenEMR Missing Authorization on Claim File Download EndpointEPSS 0.2%CVE-2026-40726HIGHWordPress User Registration Stripe plugin <= 1.3.14 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-58968MEDIUMWordPress MaxiBlocks Plugin <= 2.1.3 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-62018MEDIUMWordPress Kallyas theme <= 4.22.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-24610MEDIUMWordPress MetForm Pro plugin <= 3.9.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32437MEDIUMWordPress VW Portfolio theme <= 1.3.3 - Broken Access Control vulnerabilityEPSS 0.2%