Falhas do tipo CWE-862
7.078 resultadosCVE-2026-24947MEDIUMWordPress LA-Studio Element Kit for Elementor plugin < 1.5.6.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-8285MEDIUMUnauthorized Channel Subscription Creation in Mattermost Confluence PluginEPSS 0.2%CVE-2025-64285MEDIUMWordPress Premmerce Wholesale Pricing for WooCommerce plugin <= 1.1.10 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-24965MEDIUMWordPress Contest Gallery plugin <= 28.1.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25419MEDIUMWordPress UpsellWP plugin <= 2.2.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39485MEDIUMWordPress Youtube Embed Plus plugin <= 14.2.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-14288MEDIUMGallery Blocks with Lightbox <= 3.3.0 - Missing Authorization to Authenticated (Contributor+) Plugin Settings ModificationEPSS 0.2%CVE-2025-14170MEDIUMVimeo SimpleGallery <= 0.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings ModificationEPSS 0.2%CVE-2026-4986MEDIUMWPForms Lite < 1.10.0.5 – Unauthenticated PayPal Webhook ForgeryEPSS 0.2%CVE-2026-1169MEDIUMbirkir prime cross-site request forgeryEPSS 0.2%CVE-2026-39476MEDIUMWordPress User Feedback plugin <= 1.10.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-63079MEDIUMWordPress Live Copy Paste for Elementor plugin <= 1.5.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25407MEDIUMWordPress Cookiebot plugin <= 4.6.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-28103MEDIUMIncorrect access control in laskBlog v2.6.1 allows attackers to arbitrarily delete user accounts via a crafted request.EPSS 0.2%CVE-2025-64212MEDIUMWordPress MasterStudy LMS Pro plugin < 4.7.16 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-24544MEDIUMWordPress HD Quiz plugin <= 2.0.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-1142MEDIUMPHPGurukul News Portal cross-site request forgeryEPSS 0.2%CVE-2026-23875MEDIUMCrawlChat's Discord Bot has a Knowledge Permission vulnerabilityEPSS 0.2%CVE-2025-10304MEDIUMEverest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin <= 2.3.8 - Missing Authorization to Unauthenticated Backup FailureEPSS 0.2%CVE-2026-30920HIGHOneUptime has broken access control in GitHub App installation flow that allows unauthorized project bindingEPSS 0.2%