Fallos del tipo CWE-862

6934 resultados
CVE-2026-41394HIGHOpenClaw < 2026.3.31 - Unauthorized Operator Scope Access in Unauthenticated Plugin-Auth RoutesEPSS 0.3%CVE-2024-4139MEDIUMMissing Authorization Checks in SAP S/4 HANA (Manage Bank Statement Reprocessing Rules)EPSS 0.3%CVE-2025-31469MEDIUMWordPress Clear Sucuri Cache plugin <= 1.4 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-7956MEDIUMAjax Search Lite <= 4.13.1 - Missing Authorization to Unauthenticated Basic Information Exposure via ASL_Query in AJAX Search HandlerEPSS 0.3%CVE-2025-49651HIGHMissing Authorization for Interactive SessionsEPSS 0.3%CVE-2025-39559MEDIUMWordPress Bring Fraktguiden for WooCommerce plugin <= 1.11.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-39493MEDIUMWordPress Rankie plugin < 1.8.2 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-13440MEDIUMPremmerce Wishlist for WooCommerce <= 1.1.10 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Wishlist DeletionEPSS 0.3%CVE-2024-4138MEDIUMMissing Authorization Checks in SAP S/4 HANA (Manage Bank Statement Reprocessing Rules)EPSS 0.3%CVE-2026-4124MEDIUMZiggeo <= 3.1.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Modification via 'ziggeo_ajax' AJAX ActionEPSS 0.3%CVE-2025-41410MEDIUMSlack import bypasses email verification for team access controlsEPSS 0.3%CVE-2024-6750HIGHSocial Auto Poster <= 5.3.14 - Missing Authorization via Multiple FunctionsEPSS 0.3%CVE-2025-53221MEDIUMWordPress CodeablePress plugin <= 1.0.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-21450LOWMissing Authorization vulnerability in One Hand Operation + prior to version 6.1.21 allows multi-users to access owner&#39;s widget without EPSS 0.3%CVE-2025-15510MEDIUMNEX-Forms – Ultimate Forms Plugin for WordPress <= 9.1.8 - Missing Authorization to Unauthenticated Sensitive Information ExposureEPSS 0.3%CVE-2025-36367HIGHIBM i is affected by a privilege escalation in IBM i SQL servicesEPSS 0.3%CVE-2026-1833MEDIUMWaMate Confirm <= 2.0.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Phone Number Blocking/UnblockingEPSS 0.3%CVE-2026-25633MEDIUMStatamic's missing authorization allows access to assetsEPSS 0.3%CVE-2026-1253MEDIUMGroup Chat & Video Chat by AtomChat <= 1.1.7 - Missing Authorization to Authenticated (Subscriber+) Plugin Options UpdateEPSS 0.3%CVE-2026-3581MEDIUMBasic Google Maps Placemarks <= 1.10.7 - Missing Authorization to Unauthenticated Default Map Coordinate UpdateEPSS 0.3%