Fallos del tipo CWE-862

6912 resultados
CVE-2026-22485MEDIUMWordPress My Album Gallery plugin <= 1.0.4 - Arbitrary File Deletion vulnerabilityEPSS 0.3%CVE-2025-53345HIGHWordPress Thim Core plugin <= 2.3.3 - Arbitrary Plugin Installation vulnerabilityEPSS 0.3%CVE-2025-24461MEDIUMIn JetBrains TeamCity before 2024.12.1 decryption of connection secrets without proper permissions was possible via Test Connection endpointEPSS 0.3%CVE-2026-27071CRITICALWordPress WPCafe plugin <= 3.0.7 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-31555MEDIUMWordPress ContentMX Content Publisher plugin <= 1.0.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-31545MEDIUMWordPress Safe Ai Malware Protection for WP plugin <= 1.0.20 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-31584MEDIUMWordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-62927MEDIUMWordPress Nelio Content plugin <= 4.0.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-31856MEDIUMWordPress Export All Post Meta Plugin <= 1.2.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-14043MEDIUMTainacan <= 1.0.1 - Missing Authorization to Unauthenticated Arbitrary Metadata Section CreationEPSS 0.3%CVE-2025-2821MEDIUMSearch Exclude <= 2.4.9 - Missing Authorization to Unauthenticated Plugin Settings ModificationEPSS 0.3%CVE-2023-51537MEDIUMWordPress Awesome Support plugin <= 6.1.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-26955MEDIUMWordPress Industrial Lite theme <= 1.0.8 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-5641MEDIUMOne Click Order Re-Order <= 1.1.9 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2025-22787MEDIUMWordPress Button Block plugin <= 1.1.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-2826MEDIUMKadence Blocks — Page Builder Toolkit for Gutenberg Editor <= 3.6.3 - Missing Authorization to Authenticated (Contributor+) Media UploadEPSS 0.3%CVE-2025-62929MEDIUMWordPress Testimonial Slider plugin <= 2.0.15 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-27000MEDIUMWordPress Simple Photo Feed Plugin <= 1.4.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-2941HIGHLinksy Search and Replace <= 1.0.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Database Update via linksy_search_and_replace_item_detailsEPSS 0.3%CVE-2026-3432CRITICALSim Studio AI - Unauthenticated OAuth Token TheftEPSS 0.3%