Falhas do tipo CWE-862
6.850 resultadosCVE-2024-12876CRITICALGolo - Directory & Listing, Travel WordPress Theme <= 1.6.10 - Missing Authorization to Privilege Escalation via Unauthenticated Arbitrary User Password ChangeEPSS 0.4%CVE-2024-56008HIGHWordPress Spreadr Woocommerce plugin <= 1.0.4 - Arbitrary Content Deletion vulnerabilityEPSS 0.4%CVE-2024-30465MEDIUMWordPress PageLayer plugin <= 1.8.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-30233MEDIUMOliveTin: View permission not being checked when returning dashboardsEPSS 0.4%CVE-2024-33543HIGHWordPress WP Time Slots Booking Form plugin <= 1.2.06 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-43355MEDIUMWordPress JoomSport plugin <= 5.3.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-10579MEDIUMHustle – Email Marketing, Lead Generation, Optins, Popups <= 7.8.5 - Missing Authorization to Unpublished Form ExposureEPSS 0.4%CVE-2024-33555HIGHWordPress XStore Core plugin <= 5.3.8 - Multiple Authenticated Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-11271HIGHWordPress Webinar Plugin – WebinarPress <= 1.33.24 - Missing Authorization to Authenticated (Subscriber+) Webinar UpdatesEPSS 0.4%CVE-2025-27270CRITICALWordPress Residential Address Detection Plugin <= 2.5.4 - Arbitrary Option Update to Privilege Escalation vulnerabilityEPSS 0.4%CVE-2023-5061MEDIUMMissing Authorization in GitLabEPSS 0.4%CVE-2023-28536MEDIUMWordPress Branded Social Images plugin <= 1.1.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-11581MEDIUMPowerJob OpenAPIController runJob authorizationEPSS 0.4%CVE-2023-30488MEDIUMWordPress Featured Post Creative plugin <= 1.2.7 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-49859MEDIUMWordPress Login With Ajax plugin <= 4.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-50137HIGHBudibase: POST /api/attachments/:datasourceId/url is unauthenticated and lets anonymous callers mint S3 PUT pre-signed URLs using stored datasource IAM credentialsEPSS 0.4%CVE-2025-42953HIGHMissing Authorization check in SAP NetWeaver Application Server for ABAPEPSS 0.4%CVE-2026-34053HIGHOpenEMR Missing Authorization in Procedure Order AJAX Deletion HandlerEPSS 0.4%CVE-2025-11372MEDIUMLearnPress – WordPress LMS Plugin <= 4.2.9.3 - Missing Authorization to Unauthenticated Database Table ManipulationEPSS 0.4%CVE-2024-12431MEDIUMMissing Authorization in GitLabEPSS 0.4%