Falhas do tipo CWE-862
6.846 resultadosCVE-2023-1261HIGHMissing MAC layer security in Wi-SUN SDKEPSS 0.4%CVE-2023-1262HIGHMissing MAC layer security in Wi-SUN Linux Border RouterEPSS 0.4%CVE-2024-32143MEDIUMWordPress Podlove Podcast Publisher plugin <= 4.1.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2022-42884MEDIUMWordPress WIP Custom Login Plugin <= 1.2.7 is vulnerable to Broken Access ControlEPSS 0.4%CVE-2024-30235MEDIUMWordPress Multiple Page Generator Plugin – MPG plugin <= 3.4.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-32675MEDIUMWordPress Order Limit for WooCommerce plugin <= 2.0.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-33919MEDIUMWordPress RomethemeKit For Elementor plugin <= 1.4.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-32951MEDIUMWordPress Max Addons Pro for Bricks plugin <= 1.6.1 - Unauthenticated Plugin Settings Reset vulnerabilityEPSS 0.4%CVE-2024-10530MEDIUMKognetiks Chatbot for WordPress <= 2.1.7 - Missing Authorization to Authenticated (Subscriber+) Assistant AdditionEPSS 0.4%CVE-2025-30416CRITICALSensitive data disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect 16 (LinuEPSS 0.4%CVE-2025-8898CRITICALTaxi Booking Manager for Woocommerce | E-cab <= 1.3.0 - Missing Authorization to Unauthenticated Privilege Escalation via Account TakeoverEPSS 0.4%CVE-2026-6214MEDIUMForminator Forms <= 1.53.0 - Missing Authorization to Authenticated (Subscriber+) Scheduled Form Submission Export via forminator_export_entries Action on wp_loaded HookEPSS 0.4%CVE-2024-30529MEDIUMWordPress Tainacan plugin <= 0.20.7 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-2783MEDIUMApp Framework does not checks for the secret provided in the incoming webhook requestEPSS 0.4%CVE-2024-54381HIGHWordPress Advance Menu Manager plugin <= 3.1.1 - Settings Change vulnerabilityEPSS 0.4%CVE-2024-34378HIGHWordPress LeadConnector plugin <= 1.7 - API Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-24611CRITICALWordPress MetForm Pro plugin <= 3.9.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-34820MEDIUMWordPress If-So Dynamic Content Personalization plugin <= 1.7.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-6190HIGHRealty Portal – Agent <= 0.3.9 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation via rp_user_profile() FunctionEPSS 0.4%CVE-2026-45395HIGHOpen WebUI: Missing `workspace.tools` Authorization Check on Tool Update Endpoint Allows Privilege Escalation to Code ExecutionEPSS 0.4%