Fallos del tipo CWE-862

6850 resultados
CVE-2025-8593HIGHGSheetConnector For Gravity Forms <= 1.3.27 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin InstallationEPSS 0.4%CVE-2024-0201MEDIUMProduct Expiry for WooCommerce <= 2.5 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings UpdateEPSS 0.4%CVE-2025-68013MEDIUMWordPress Payment Gateway Authorize.Net CIM for WooCommerce plugin <= 2.1.2 - Arbitrary Content Deletion vulnerabilityEPSS 0.4%CVE-2024-7727MEDIUMHTML5 Video Player – mp4 Video Player Plugin and Block <= 2.5.32 - Missing Authorization in multiple functions via h5vp_ajax_handlerEPSS 0.4%CVE-2023-39438HIGHMissing Authorization check allows certain operations on CLA Assistant dataEPSS 0.4%CVE-2025-62022HIGHWordPress BuddyPress plugin <= 14.3.4 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-27626MEDIUMWordPress Stock Ticker plugin <= 3.23.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2022-36352MEDIUMWordPress ProfileGrid Plugin <= 5.0.3 is vulnerable to Broken Access ControlEPSS 0.4%CVE-2024-55999MEDIUMWordPress XML Multilanguage Sitemap Generator plugin <= 2.0.6 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-10535MEDIUMVideo Gallery for WooCommerce <= 1.31 - Missing Authorization to Unauthenticated Limited File DeletionEPSS 0.4%CVE-2023-1903MEDIUMMissing Authorization check in SAP HCM Fiori App My Forms (Fiori 2.0)EPSS 0.4%CVE-2024-38774MEDIUMWordPress Security Optimizer plugin <= 1.5.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-6621MEDIUMWP RSS Aggregator <= 4.23.11 - Missing Authorization to Authenticated (Subscriber+) Feed State UpdateEPSS 0.4%CVE-2024-33588MEDIUMWordPress basepress plugin <= 2.16.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-1355MEDIUMMissing Authorization Check in GitHub Enterprise Server Allows Unauthorized Uploads to Repository Migration ExportsEPSS 0.4%CVE-2025-31720MEDIUMA missing permission check in Jenkins 2.503 and earlier, LTS 2.492.2 and earlier allows attackers with Computer/Create permission but withouEPSS 0.4%CVE-2023-39990MEDIUMWordPress Paid Memberships Pro plugin <= 1.2.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-31243HIGHWordPress Bricksforge plugin <= 2.0.17 - Unauthenticated Arbitrary WordPress Setting Deletion vulnerabilityEPSS 0.4%CVE-2025-24643MEDIUMWordPress WPGuppy plugin <= 1.1.0 - Broken Authentication vulnerabilityEPSS 0.4%CVE-2025-70148HIGHMissing authentication and authorization in print_membership_card.php in CodeAstro Membership Management System 1.0 allows unauthenticated aEPSS 0.4%