Fallos del tipo CWE-862

6923 resultados
CVE-2026-8610MEDIUMTypeSquare Webfonts for ConoHa <= 2.0.4 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Modification via 'fontThemeUseType' ParameterEPSS 0.3%CVE-2026-4292LOWPrivilege abuse in ModelAdmin.list_editableEPSS 0.3%CVE-2025-30993MEDIUMWordPress Thank You Page Customizer for WooCommerce – Increase Your Sales <= 1.1.7 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-39541MEDIUMWordPress WP Simple Booking Calendar plugin <= 2.0.13 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-1722MEDIUMWCFM Marketplace <= 3.7.0 - Insecure Direct Object Reference to Unauthenticated Arbitrary Refund Request CreationEPSS 0.3%CVE-2025-14629MEDIUMAlchemist Ajax Upload <= 1.1 - Missing Authorization to Unauthenticated Arbitrary Media File DeletionEPSS 0.3%CVE-2025-47527HIGHWordPress Icegram Collect – Easy Form, Lead Collection and Subscription plugin <= 1.3.18 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-15070MEDIUMData Exposure in Gmission Web FAXEPSS 0.3%CVE-2023-51670MEDIUMWordPress FunnelKit Checkout plugin <= 3.10.3 - Authenticated Arbitrary Plugin Activation vulnerabilityEPSS 0.3%CVE-2025-50031MEDIUMWordPress DB Backup <= 6.0 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-58678MEDIUMWordPress Accordion Plugin <= 2.3.15 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-34903MEDIUMWordPress Ocean Extra plugin <= 2.5.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-1831LOWYayMail <= 4.3.2 - Missing Authorization to Authenticated (Shop Manager+) Plugin Installation and ActivationEPSS 0.3%CVE-2023-23640MEDIUMWordPress MainWP UpdraftPlus Extension Plugin <= 4.0.6 - Subscriber+ Arbitrary Plugin Activation VulnerabilityEPSS 0.3%CVE-2024-32949HIGHWordPress Integrate Google Drive plugin <= 1.3.8 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-41112HIGHMissing Authorization vulnerability in CanalDenuncia.appEPSS 0.3%CVE-2025-67970MEDIUMWordPress Schedula plugin <= 1.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-41337HIGHMissing Authorization vulnerability in CanalDenuncia.appEPSS 0.3%CVE-2026-33359HIGHMeari unauthenticated alert image access in cloud object storageEPSS 0.3%CVE-2026-23541HIGHWordPress Mail Mint plugin <= 1.19.4 - Broken Access Control vulnerabilityEPSS 0.3%