Fallos del tipo CWE-862

6883 resultados
CVE-2025-1766MEDIUMEvent Manager, Events Calendar, Tickets, Registrations – Eventin <= 4.0.24 - Missing Authorization to Unauthenticated Payment Status UpdateEPSS 0.3%CVE-2023-46073MEDIUMWordPress DX Delete Attached Media plugin <= 2.0.5.1 - Broken Access Control vulnerability + CSRFEPSS 0.3%CVE-2023-45766MEDIUMWordPress Poll Maker plugin <= 4.7.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-3266HIGHImproper access control vulnerability has been discovered in OpenText™ Filr.EPSS 0.3%CVE-2025-39532HIGHWordPress Spice Blocks plugin <= 2.0.7.7 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-45050HIGHRinger Server Does Not Check Members When Loading MessagesEPSS 0.3%CVE-2025-22657HIGHWordPress Atarim plugin <= 4.0.9 - Arbitrary Content Deletion vulnerabilityEPSS 0.3%CVE-2025-37087CRITICALA vulnerability in the cmdb service of the HPE Performance Cluster Manager (HPCM) could allow an attacker to gain access to an arbitrary filEPSS 0.3%CVE-2026-3480MEDIUMWP Blockade <= 0.9.14 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Shortcode Execution via 'shortcode' ParameterEPSS 0.3%CVE-2025-64349HIGHELOG user profile missing authorizationEPSS 0.3%CVE-2025-65021CRITICALRallly Has Unauthorized Poll Finalization via Insecure Direct Object Reference (IDOR)EPSS 0.3%CVE-2026-53816HIGHOpenClaw < 2026.5.18 - Exec Lifecycle Event Forgery via Paired NodeEPSS 0.3%CVE-2026-24525MEDIUMWordPress CLP Varnish Cache plugin <= 1.0.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-1643MEDIUMBenner ModernaNet SG_AlterarSenha cross-site request forgeryEPSS 0.3%CVE-2024-31281MEDIUMWordPress Church Admin plugin <= 4.1.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-66122MEDIUMWordPress Stylish Price List plugin <= 7.2.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-24566MEDIUMWordPress iNET Webkit plugin <= 1.2.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-14982MEDIUMBooking Calendar <= 10.14.11 - Missing Authorization to Sensitive Information ExposureEPSS 0.3%CVE-2024-20463MEDIUMCisco ATA 190 Series Analog Telephone Adapter Firmware Command Injection and Denial of Service VulnerabilityEPSS 0.3%CVE-2025-59827HIGHFlagForgeCTF is Missing Authorization in main-v2EPSS 0.3%