Falhas do tipo CWE-862
6.845 resultadosCVE-2024-5648MEDIUMLearnDash LMS - Reports Free <= 1.8.2.1 - Missing Authorization to Plugin Settings UpdateEPSS 0.5%CVE-2025-28872MEDIUMWordPress Block Spam By Math Reloaded plugin <= 2.2.4 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-38385HIGHWordPress Jupiter X Core plugin <= 3.3.0 - Multiple Auth. Broken Access Control vulnerabilityEPSS 0.5%CVE-2026-45677HIGHRocket.Chat: Lack of SAML Signature Check During Logout Could Lead To DoSEPSS 0.5%CVE-2024-10574HIGHQuiz Maker Business, Developer, and Agency <= (Multiple Versions) - Missing Authorization to Google Sheets Integration Credentials Modification and Stored Cross-Site ScriptingEPSS 0.5%CVE-2024-57682MEDIUMAn information disclosure vulnerability in the component d_status.asp of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attacEPSS 0.5%CVE-2026-30823HIGHFlowise: IDOR leading to Account Takeover and Enterprise Feature Bypass via SSO ConfigurationEPSS 0.4%CVE-2026-25808HIGHHollo DMs get leaked and can be seen on Webfinger BrowserEPSS 0.4%CVE-2025-70147HIGHMissing authentication in /admin/student.php and /admin/teacher.php in ProjectWorlds Online Time Table Generator 1.0 allows remote attackersEPSS 0.4%CVE-2022-43431MEDIUMJenkins Compuware Strobe Measurement Plugin 1.0.1 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers wiEPSS 0.4%CVE-2024-28155MEDIUMJenkins AppSpider Plugin 1.0.16 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/ReEPSS 0.4%CVE-2023-2078HIGHBuy Me a Coffee – Button and Widget Plugin <= 3.7 - Missing AuthorizationEPSS 0.4%CVE-2024-5129HIGHPrivilege Escalation Vulnerability in lunary-ai/lunaryEPSS 0.4%CVE-2024-11715MEDIUMWP Job Portal <= 2.2.2 - Missing Authorization to Limited Privilege EscalationEPSS 0.4%CVE-2024-34372MEDIUMWordPress Post Grid Master plugin <= 3.4.7 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-59461HIGHAPI does not require authenticationEPSS 0.4%CVE-2023-48222HIGHAuthenticated users can view or delete jobs they do not have authorization for in RundeckEPSS 0.4%CVE-2025-32147HIGHWordPress Easy WP Optimizer Plugin <= 1.1.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-23814LOWWordPress Calendar Event Multi View plugin <= 1.4.13 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-31830MEDIUMWordPress Printus Plugin <= 1.2.6 - Broken Access Control vulnerabilityEPSS 0.4%