Falhas do tipo CWE-862
7.035 resultadosCVE-2025-6664MEDIUMCodeAstro Patient Record Management System cross-site request forgeryEPSS 0.2%CVE-2026-27368MEDIUMWordPress Coming Soon Page, Under Construction & Maintenance Mode by SeedProd plugin <= 6.19.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-49979MEDIUMWordPress Media Hygiene plugin <= 4.0.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-49902MEDIUMWordPress Login Page Customizer – Customizer Login Page, Admin Page, Custom Design plugin <= 2.1.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-27328MEDIUMWordPress EduBlink theme <= 2.0.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-57392MEDIUMWordPress Tourfic plugin <= 2.22.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68507MEDIUMWordPress Icegram plugin <= 3.1.35 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-57406MEDIUMWordPress FundEngine plugin <= 1.7.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-57424MEDIUMWordPress Razorpay Payment Links for WooCommerce plugin <= 2.1.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-30927MEDIUMWordPress Wordapp plugin <= 1.7.0 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-57324MEDIUMWordPress GIFT4U plugin <= 1.0.10 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-42439MEDIUMOpenClaw < 2026.4.10 - SSRF Policy Bypass in Browser Tabs Action RoutesEPSS 0.2%CVE-2025-69095MEDIUMWordPress Reservation Plugin plugin <= 1.7 - Settings Change vulnerabilityEPSS 0.2%CVE-2025-6865MEDIUMDaiCuo index cross-site request forgeryEPSS 0.2%CVE-2026-57408MEDIUMWordPress Peach Payments Gateway plugin <= 4.0.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-12204MEDIUMCoupon X: Discount Pop Up, Promo Code Pop Ups, Announcement Pop Up, WooCommerce Popups <= 1.3.5 - Missing AuthorizationEPSS 0.2%CVE-2025-49981MEDIUMWordPress User Roles and Capabilities plugin <= 1.2.6 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-57400MEDIUMWordPress Event Tickets Manager for WooCommerce plugin <= 1.5.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-40782MEDIUMWordPress WPAdverts plugin <= 2.3.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-9076MEDIUMMattermost Server exposes sensitive user credentials during shared channel membership synchronizationEPSS 0.2%