Falhas do tipo CWE-862
7.062 resultadosCVE-2026-3896MEDIUMLivemesh SiteOrigin Widgets <= 3.9.2 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site ScriptingEPSS 0.2%CVE-2026-27366HIGHWordPress MainWP Child plugin <= 6.1.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-3897MEDIUMLivemesh Addons for Beaver Builder <= 3.9.2 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Missing AuthorizationEPSS 0.2%CVE-2026-3895MEDIUMWPBakery Page Builder Addons by Livemesh <= 3.9.4 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site ScriptingEPSS 0.2%CVE-2026-2732MEDIUMEnable Media Replace <= 4.1.7 - Improper Authorization to Authenticated (Author+) Arbitrary Attachment Change via Background ReplaceEPSS 0.2%CVE-2026-11600MEDIUMEnvo's Templates & Widgets for Elementor and WooCommerce <= 1.4.26 - Missing Authorization to Authenticated (Author+) Private Content Disclosure via Envo Tabs Widget 'templates' SettingEPSS 0.2%CVE-2026-48969MEDIUMWordPress Really Simple SSL plugin <= 9.5.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-57498CRITICALCoolify Cross-Team IDOR: Livewire Components Accept Unscoped server_id and destination_uuid — Deploy to Other Teams' ServersEPSS 0.2%CVE-2025-12817LOWPostgreSQL CREATE STATISTICS does not check for schema CREATE privilegeEPSS 0.2%CVE-2025-66129MEDIUMWordPress Pochipp plugin <= 1.18.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-67572MEDIUMWordPress PenNews theme < 6.7.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-67578MEDIUMWordPress WP Email Capture plugin <= 3.12.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-55712MEDIUMWordPress The Plus Addons for Elementor Page Builder Lite Plugin <= 6.3.13 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-21865MEDIUMDiscourse topic conversion permission vulnerability for moderatorsEPSS 0.2%CVE-2025-64635MEDIUMWordPress Feeds for YouTube plugin <= 2.4.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62152MEDIUMWordPress ConveyThis plugin <= 269.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62153MEDIUMWordPress Quick Interest Slider plugin <= 3.1.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-15034MEDIUMflask-dashboard Flask-MonitoringDashboard cross-site request forgeryEPSS 0.2%CVE-2025-67569MEDIUMWordPress AdForest theme <= 6.0.11 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62740MEDIUMWordPress WP-CRM System plugin <= 3.4.6 - Broken Access Control vulnerabilityEPSS 0.2%