Falhas do tipo CWE-862
7.075 resultadosCVE-2025-12180MEDIUMQi Blocks <= 1.4.3 - Missing Authorization to Authenticated (Contributor+) Plugin Settings UpdateEPSS 0.2%CVE-2026-34154LOWDiscourse has a subscription access bypass in its discourse-subscriptions pluginEPSS 0.2%CVE-2023-45247HIGHSensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect CEPSS 0.2%CVE-2026-39643MEDIUMWordPress Payment Plugins for PayPal WooCommerce plugin <= 2.0.13 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39602MEDIUMWordPress Order Tracking plugin <= 3.4.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25415MEDIUMWordPress WPBookit Pro plugin <= 1.6.18 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-24375MEDIUMWordPress Ultimate Gift Cards For WooCommerce plugin <= 3.2.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-24547MEDIUMWordPress SiteGround Email Marketing plugin <= 1.7.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-24556MEDIUMWordPress ElementCamp plugin <= 2.3.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39663MEDIUMWordPress TrueBooker plugin <= 1.1.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66104MEDIUMWordPress Offload, AI & Optimize with Cloudflare Images plugin <= 1.9.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32425MEDIUMWordPress Payment Gateway Pix For GiveWP plugin <= 2.2.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-64636MEDIUMWordPress Donation Thermometer plugin <= 2.2.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62081MEDIUMWordPress Live Shopping & Shoppable Videos For WooCommerce plugin <= 2.2.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25000MEDIUMWordPress Wheel of Life plugin <= 1.2.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-22348MEDIUMWordPress Civic Cookie Control plugin <= 1.53 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32382MEDIUMWordPress Digital Download theme <= 1.1.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2023-45244HIGHSensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect CEPSS 0.2%CVE-2026-32347MEDIUMWordPress Restaurant and Cafe theme <= 1.2.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25364MEDIUMWordPress Client Invoicing by Sprout Invoices plugin <= 20.8.8 - Broken Access Control vulnerabilityEPSS 0.2%