Fallos del tipo CWE-862

6883 resultados
CVE-2023-25446HIGHWordPress HappyFiles Pro plugin <= 1.8.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-58629HIGHWordPress Miraculous theme < 2.0.9 - Arbitrary Content Deletion vulnerabilityEPSS 0.3%CVE-2023-34003MEDIUMWordPress WooCommerce Box Office plugin <= 1.1.51 - Unauthenticated Save Ticket Barcode vulnerabilityEPSS 0.3%CVE-2024-47330MEDIUMBroken Access Control vulnerability on multiple WordPress plugins by SupsysticEPSS 0.3%CVE-2025-31066MEDIUMWordPress Acerola theme <= 1.6.5 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2024-13447MEDIUMWP Hotel Booking <= 2.1.6 - Missing Authorization to Authenticated (Subscriber+) User Email RetrievalEPSS 0.3%CVE-2023-46309MEDIUMWordPress wpDiscuz plugin <= 7.6.10 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-9178HIGHWP Forms Connector <= 1.8 - Missing Authorization to Unauthenticated Information Exposure via 'user/list' REST EndpointEPSS 0.3%CVE-2025-65036HIGHXWiki Remote Macros vulnerable to remote code execution using the confluence details summary macroEPSS 0.3%CVE-2026-44849CRITICALPortainer: Endpoint security bypass via Swarm service create/updateEPSS 0.3%CVE-2024-1091MEDIUMImageRecycle pdf & image compression <= 3.1.13 - Missing Authorization to Plugin Data Removal in reinitializeEPSS 0.3%CVE-2024-5770MEDIUMWP Force SSL & HTTPS SSL Redirect <= 1.66 - Missing Authorization to Settings UpdateEPSS 0.3%CVE-2024-11673MEDIUM1000 Projects Bookstore Management System cross-site request forgeryEPSS 0.3%CVE-2026-33712CRITICALTypeBot: Unauthenticated SSRF via isolated-vm fetch in preview chat endpoint bypasses SSRF controlsEPSS 0.3%CVE-2024-1090MEDIUMImageRecycle pdf & image compression <= 3.1.13 - Missing Authorization to Settings Update in stopOptimizeAllEPSS 0.3%CVE-2021-25025Event Calendar < 1.1.51 - Subscriber+ Event CreationEPSS 0.3%CVE-2023-35040MEDIUMWordPress SendPress Newsletters plugin <= 1.23.11.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2021-24836Temporary Login Without Password < 1.7.1 - Subscriber+ Plugin's Settings UpdateEPSS 0.3%CVE-2023-48926MEDIUMAn issue in 202 ecommerce Advanced Loyalty Program: Loyalty Points before v2.3.4 for PrestaShop allows unauthenticated attackers to arbitrarEPSS 0.3%CVE-2025-31546MEDIUMWordPress Swiss Toolkit For WP plugin <= 1.4.0 - Broken Access Control vulnerabilityEPSS 0.3%