Falhas do tipo CWE-862
6.845 resultadosCVE-2025-30825HIGHWordPress WPC Smart Linked Products plugin <= 1.3.5 - Privilege Escalation vulnerabilityEPSS 0.4%CVE-2023-6751HIGHHostinger <= 1.9.7 - Missing Authorization to Maintenance Mode ActivationEPSS 0.4%CVE-2025-31830MEDIUMWordPress Printus Plugin <= 1.2.6 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-30522MEDIUMA missing permission check in Jenkins Fogbugz Plugin 2.2.17 and earlier allows attackers with Item/Read permission to trigger builds of jobsEPSS 0.4%CVE-2023-41671MEDIUMWordPress Abandoned Cart Lite for WooCommerce plugin <= 5.16.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.4%CVE-2025-59475MEDIUMJenkins 2.527 and earlier, LTS 2.516.2 and earlier does not perform a permission check for the authenticated user profile dropdown menu, allEPSS 0.4%CVE-2023-49192MEDIUMWordPress Enhanced Text Widget plugin <= 1.6.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-49851MEDIUMWordPress Square Thumbnails plugin <= 1.1.1 - Broken Access Control + CSRF vulnerabilityEPSS 0.4%CVE-2024-10533MEDIUMWP Chat App <= 3.6.8 - Missing Authorization to Authenticated (Subscriber+) Filebird Plugin InstallationEPSS 0.4%CVE-2023-49193MEDIUMWordPress Grow Social plugin <= 1.30.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-10591HIGHMWB HubSpot for WooCommerce – CRM, Abandoned Cart, Email Marketing, Marketing Automation & Analytics <= 1.5.9 - Missing Authorization to Authenticated (Contributor+) Arbitrary Options UpdateEPSS 0.4%CVE-2023-49755MEDIUMWordPress Elementor Timeline Widget plugin <= 2.2 - Notice Dismissal VulnerabilityEPSS 0.4%CVE-2023-48287MEDIUMWordPress TextMe SMS plugin <= 1.9.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-32601MEDIUMWordPress Booking Ultra Pro Appointments Booking Calendar Plugin plugin <= 1.1.12 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-48776MEDIUMWordPress canvasio3D Light plugin <= 2.5.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-30830MEDIUMWordPress Cool Author Box plugin <= 2.9.9 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-55997MEDIUMWordPress Order Delivery & Pickup Location Date Time plugin <= 1.1.0 - Settings Change vulnerabilityEPSS 0.4%CVE-2026-9011HIGHDitty <= 3.1.65 - Missing Authorization to Unauthenticated Sensitive Information Disclosure via ditty_init AJAX ActionEPSS 0.4%CVE-2025-8059CRITICALB Blocks <= 2.0.6 - Missing Authorization to Unauthenticated Privilege Escalation via rgfr_registration FunctionEPSS 0.4%CVE-2023-2233LOWMissing Authorization in GitLabEPSS 0.4%