Falhas do tipo CWE-862
6.850 resultadosCVE-2024-43302MEDIUMWordPress Fonts plugin <= 3.7.7 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-6824MEDIUMPremium Addons for Elementor <= 4.10.38 - Missing Authorization to Authenticated (Contributor+) Arbitrary Content Deletion and Arbitrary Title UpdateEPSS 0.4%CVE-2026-40776HIGHWordPress Eventin plugin <= 4.1.8 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-42989CRITICALMissing Authorization check in SAP NetWeaver Application Server for ABAPEPSS 0.4%CVE-2025-24633MEDIUMWordPress Build Private Store For Woocommerce plugin <= 1.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-52214MEDIUMWordPress Void Contact Form 7 Widget For Elementor Page Builder plugin <= 2.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-4477HIGHTeamT5 ThreatSonar Anti-Ransomware - Privilege EscalationEPSS 0.4%CVE-2025-24652MEDIUMWordPress WP Duplicate plugin <= 1.1.6 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-24589MEDIUMWordPress JSM Show Post Metadata plugin <= 4.6.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-22543MEDIUMWordPress ST Gallery WP plugin <= 1.0.8 - Settings Change vulnerabilityEPSS 0.4%CVE-2024-33565CRITICALWordPress Barcode Scanner with Inventory & Order Manager plugin <= 1.5.3 - Unauthenticated Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-22534MEDIUMWordPress Slides & Presentations Plugin <= 0.0.39 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-45000HIGHWordPress LiteSpeed Cache plugin <= 5.7 - Unauthenticated Broken Access Control on API vulnerabilityEPSS 0.4%CVE-2021-47701HIGHOpenBMCS User Management Privilege EscalationEPSS 0.4%CVE-2025-52024CRITICALA vulnerability exists in the Aptsys POS Platform Web Services module thru 2025-05-28, which exposes internal API testing tools to unauthentEPSS 0.4%CVE-2021-3653—A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine cEPSS 0.4%CVE-2025-22541MEDIUMWordPress WP Delete Post Copies plugin <= 5.5 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-50500MEDIUMWordPress Phlox Core Elements plugin <= 2.17.4 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-22156MEDIUMWordPress SalesKing plugin <= 1.6.15 - Unauthenticated Plugin Settings Change vulnerabilityEPSS 0.4%CVE-2026-58168HIGHDeepTutor < 1.4.10 - Insecure Default Grants Unrestricted MCP Tool Access to Non-Admin UsersEPSS 0.4%