Fallos del tipo CWE-264

284 resultados
CVE-2022-36375HIGHWordPress Tabs plugin <= 3.6.0 - Authenticated WordPress Options Change vulnerabilityEPSS 1.0%CVE-2019-16017MEDIUMCisco Unified Customer Voice Portal Insecure Direct Object Reference VulnerabilityEPSS 0.9%CVE-2022-33970HIGHWordPress Shortcode Addons plugin <= 3.1.2 - Authenticated WordPress Options Change vulnerabilityEPSS 0.9%CVE-2022-23708A flaw was discovered in Elasticsearch 7.17.0’s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built proEPSS 0.9%CVE-2022-38104HIGHWordPress Accordions plugin <= 2.0.3 - Auth. WordPress Options Change vulnerabilityEPSS 0.9%CVE-2022-34868HIGHWordPress ЮKassa для WooCommerce plugin <= 2.3.0 - Authenticated Arbitrary Settings Update vulnerabilityEPSS 0.9%CVE-2019-1594HIGHCisco NX-OS Software 802.1X Extensible Authentication Protocol over LAN Denial of Service VulnerabilityEPSS 0.8%CVE-2022-42459HIGHWordPress Image Hover Effects Ultimate plugin <= 9.7.1 - Auth. WordPress Options Change vulnerabilityEPSS 0.8%CVE-2022-38134MEDIUMWordPress Customer Reviews for WooCommerce plugin <= 5.3.5 - Authenticated Broken Access Control vulnerabilityEPSS 0.8%CVE-2021-21436LOWAgent is able to link customer's Config Items without permissionEPSS 0.8%CVE-2022-38070MEDIUMWordPress Pop-up plugin <= 1.1.5 - Privilege Escalation vulnerabilityEPSS 0.8%CVE-2022-36387HIGHWordPress About Me plugin <= 1.0.12 - Broken Access Control vulnerabilityEPSS 0.7%CVE-2020-36528MEDIUMPlatinum Mobile MobileHandler.ashx access controlEPSS 0.7%CVE-2022-36793MEDIUMWordPress WP Shop plugin <= 3.9.6 - Unauthenticated Plugin Settings Change & Data Deletion vulnerabilitiesEPSS 0.7%CVE-2022-36425MEDIUMWordPress Beaver Builder plugin <= 2.5.4.3 - Broken Access Control vulnerabilityEPSS 0.7%CVE-2019-14879MEDIUMA vulnerability was found in Moodle versions 3.7.x before 3.7.3, 3.6.x before 3.6.7 and 3.5.x before 3.5.9. When a cohort role assignment waEPSS 0.7%CVE-2022-45069MEDIUMWordPress Crowdsignal Dashboard plugin <= 3.0.9 - Privilege Escalation vulnerabilityEPSS 0.7%CVE-2022-37344HIGHWordPress Accommodation System plugin <= 1.0.1 - Missing Access Control vulnerabilityEPSS 0.7%CVE-2022-27235MEDIUMWordPress Social Share Buttons by Supsystic plugin <= 2.2.3 - Multiple Broken Access Control vulnerabilitiesEPSS 0.7%CVE-2022-25649MEDIUMWordPress Affiliate For WooCommerce premium plugin <= 4.7.0 - Multiple Improper Access Control vulnerabilitiesEPSS 0.7%