Falhas do tipo CWE-862
6.842 resultadosCVE-2024-32688MEDIUMWordPress MyRewards plugin <= 5.3.0 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2025-49288HIGHWordPress Ultimate WP Mail plugin <= 1.3.5 - Account Takeover via Email Log Leak VulnerabilityEPSS 0.5%CVE-2024-2033MEDIUMVideo Conferencing with Zoom <= 4.4.5 - Sensitive Information ExposureEPSS 0.5%CVE-2024-53938HIGHAn issue was discovered in Victure RX1800 WiFi 6 Router (software EN_V1.0.0_r12_110933, hardware 1.0) devices. The TELNET service is enabledEPSS 0.5%CVE-2022-41242MEDIUMA missing permission check in Jenkins extreme-feedback Plugin 1.7 and earlier allows attackers with Overall/Read permission to discover infoEPSS 0.5%CVE-2025-24625MEDIUMWordPress Taxonomy/Term and Role based Discounts for WooCommerce plugin <= 5.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.5%CVE-2022-4972HIGHDownload Monitor <= 4.7.51 - Missing Authorization to Unauthenticated Data ExportEPSS 0.5%CVE-2024-11355MEDIUMUltimate YouTube Video & Shorts Player With Vimeo <= 3.3 - Missing Authorization to Authenticated (Subscriber+) Setting ExposureEPSS 0.5%CVE-2024-32432MEDIUMWordPress Ovic Addon Toolkit plugin <= 2.6.1 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-32524MEDIUMWordPress Custom Order Statuses for WooCommerce plugin <= 1.5.2 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2022-34344MEDIUMWordPress Wholesale Suite Plugin <= 2.1.5 is vulnerable to Broken Access ControlEPSS 0.5%CVE-2024-32516MEDIUMWordPress Multi Currency For WooCommerce plugin <= 1.5.5 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-5541MEDIUMIbtana - WordPress Website Builder <= 1.2.3.3 - Unauthenticated reCAPTCHA Settings UpdateEPSS 0.5%CVE-2023-30519MEDIUMA missing permission check in Jenkins Quay.io trigger Plugin 0.1 and earlier allows unauthenticated attackers to trigger builds of jobs corrEPSS 0.5%CVE-2023-23893MEDIUMWordPress Simple Giveaways plugin <= 2.48.0 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-41130HIGHWordPress Premmerce User Roles plugin <= 1.0.12 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2026-34042HIGHact: actions/cache server allows malicious cache injectionEPSS 0.5%CVE-2024-55994MEDIUMWordPress 畅言评论系统 plugin <= 2.0.5 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2025-32220MEDIUMWordPress Salon booking system plugin <= 10.30.23 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-36676MEDIUMWordPress Spectra plugin <= 2.6.6 - Broken Access Control vulnerabilityEPSS 0.5%