Fallos del tipo CWE-862

6851 resultados
CVE-2024-33573MEDIUMWordPress EPROLO Dropshipping plugin <= 1.7.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-31248MEDIUMWordPress All-in-One Video Gallery plugin <= 3.5.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-8435MEDIUMcode-projects Online Movie Streaming admin-control.php authorizationEPSS 0.4%CVE-2023-40001MEDIUMWordPress iThemes Sync plugin <= 2.1.13 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-2263MEDIUMHustle – Email Marketing, Lead Generation, Optins, Popups <= 7.8.10.2 - Missing Authorization to Unauthenticated Conversion Tracking Data ManipulationEPSS 0.4%CVE-2024-24833MEDIUMWordPress Happy Addons for Elementor plugin <= 3.10.1 - Broken Access Control on Post Clone vulnerabilityEPSS 0.4%CVE-2024-1133MEDIUMTutor LMS <= 2.6.0 - Missing AuthorizationEPSS 0.4%CVE-2024-1778MEDIUMAdmin side data storage for Contact Form 7 <= 1.1.1 - Missing Authorization to Unauthenticated Bookmark Status AlterationEPSS 0.4%CVE-2025-26871MEDIUMWordPress Essential Blocks plugin <= 4.8.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-22512MEDIUMWordPress Help Scout Plugin <= 6.5.6 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-31721MEDIUMA missing permission check in Jenkins 2.503 and earlier, LTS 2.492.2 and earlier allows attackers with Computer/Create permission but withouEPSS 0.4%CVE-2025-15041HIGHBackWPup <= 5.6.2 - Authenticated (BackWPup Helper+) Privilege Escalation via Arbitrary Options UpdateEPSS 0.4%CVE-2024-47317MEDIUMWordPress Ads by WPQuads plugin <= 2.0.84 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-36036MEDIUMInsufficient Access Control VulnerabilityEPSS 0.4%CVE-2023-48739MEDIUMWordPress Porto Theme Functionality plugin < 2.12.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-12300LOWAR for WordPress <= 7.3 - Missing Authorization to Unauthenticated Limited File UploadEPSS 0.4%CVE-2025-59413MEDIUMCubeCart Unauthorized Newsletter Unsubscription via force_unsubscribe ParameterEPSS 0.4%CVE-2023-34379MEDIUMWordPress Cart2Cart: Magento to WooCommerce Migration Plugin <= 2.0.0 is vulnerable to Broken Access ControlEPSS 0.4%CVE-2024-38733MEDIUMWordPress Meks Video Importer plugin <= 1.0.12 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-31243MEDIUMThe mem0 1.0.0 server lacks authentication and authorization controls for its memory reset and table re-creation functionality accessible viEPSS 0.4%