Fallos del tipo CWE-862

6889 resultados
CVE-2026-1656MEDIUMBusiness Directory Plugin <= 6.4.20 - Missing Authorization to Unauthenticated Arbitrary Listing ModificationEPSS 0.3%CVE-2025-31868MEDIUMWordPress JS Job Manager plugin <= 2.0.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-31862MEDIUMWordPress Job Board Manager Plugin <= 2.1.61 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-31739MEDIUMWordPress Minimalistic Event Manager plugin <= 1.1.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-31746MEDIUMWordPress Clients plugin <= 1.1.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-11496MEDIUMInfility Global <= 2.9.8 - Authenticated (Subscriber+) Missing Authorization to Plugin Options UpdateEPSS 0.3%CVE-2026-55432MEDIUMCoder's sub-agent app registration bypasses template port-sharing policy enforcementEPSS 0.3%CVE-2024-6590MEDIUMSpreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce & Most Popular Form Plugins. Also, Display Google sheet as a Table. <= 3.8.0 - Missing Authorization to Authenticated (Subscriber+) Settings UpdateEPSS 0.3%CVE-2025-3871MEDIUMBroken Access Control Leads to Limited Denial of Service in GoAnywhere MFT 7.8.0 and earlierEPSS 0.3%CVE-2025-31870MEDIUMWordPress WP AutoKeyword plugin <= 1.0 - Arbitrary Content Deletion vulnerabilityEPSS 0.3%CVE-2025-13754MEDIUMAppointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.9.16 - Missing Authorization to Unauthenticated Sensitive Information ExposureEPSS 0.3%CVE-2024-5382MEDIUMMaster Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor <= 2.0.6.1 - Missing Authorization to MA Template Creation or ModificationEPSS 0.3%CVE-2024-49321MEDIUMWordPress Simple Custom Post Order plugin <= 2.5.7 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-37483MEDIUMWordPress The Post Grid plugin <= 7.7.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-35033CRITICALJellyfin: Potential SSRF + Arbitrary file read via stream argument injectionEPSS 0.3%CVE-2024-25929MEDIUMWordPress Product Catalog Mode For Woocommerce plugin <= 5.0.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-11724MEDIUMCookie Consent for WP – Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) <= 3.6.5 - Missing Authorization to Authenticated (Subscriber+) Whitelist ScriptEPSS 0.3%CVE-2026-30970HIGHSession authentication bypass in Coral Server session creation endpointEPSS 0.3%CVE-2026-1336MEDIUMAI ChatBot with ChatGPT and Content Generator by AYS <= 2.7.5 - Missing Authorization to Unauthenticated API Key ModificationEPSS 0.3%CVE-2023-36694MEDIUMWordPress Kingkong Board plugin <= 2.1.0.2 - Broken Access Control vulnerabilityEPSS 0.3%