Vulnerabilities of type CWE-862

6679 results
CVE-2025-5394 | CRITICAL | Alone – Charity Multipurpose Non-profit WordPress Theme <= 7.8.3 - Missing Authorization to Unauthenticated Arbitrary File Upload via Plugin Installation | EPSS 47.8%
CVE-2024-43919 | MEDIUM | WordPress Yet Another Related Posts Plugin (YARPP) plugin <= 5.30.10 - Broken Access Control vulnerability | EPSS 43.6%
CVE-2024-3097 | MEDIUM | WordPress Gallery Plugin – NextGEN Gallery <= 3.59 - Missing Authorization to Unauthenticated Information Disclosure | EPSS 38.0%
CVE-2023-0678 | HIGH | Missing Authorization in phpipam/phpipam | EPSS 37.3%
CVE-2024-10728 | HIGH | PostX <= 4.1.16 - Missing Authorization to Arbitrary Plugin Installation/Activation | EPSS 36.5%
CVE-2022-1020 | - | Woo Product Table < 3.1.2 - Unauthenticated Arbitrary Function Call | EPSS 26.2%
CVE-2023-3124 | HIGH | Elementor Pro <= 3.11.6 - Authenticated(Subscriber+) Privilege Escalation via update_page_option | EPSS 22.7%
CVE-2021-37976 | MEDIUM | Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive info | EPSS 19.9% | KEV
CVE-2024-7856 | HIGH | MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar <= 5.7.0.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Deletion | EPSS 18.8%
CVE-2021-4374 | CRITICAL | WordPress Automatic Plugin <= 3.53.2 - Unauthenticated Arbitrary Options Update | EPSS 16.4%
CVE-2024-10542 | CRITICAL | Spam protection, Anti-Spam, FireWall by CleanTalk <= 6.43.2 - Authorization Bypass via Reverse DNS Spoofing to Unauthenticated Arbitrary Plugin Installation | EPSS 15.2%
CVE-2023-6020 | HIGH | Ray Static File Local File Include | EPSS 14.7%
CVE-2026-25939 | CRITICAL | FUXA Unauthenticated Remote Arbitrary Scheduler Write | EPSS 12.0%
CVE-2024-9234 | CRITICAL | GutenKit <= 2.1.0 - Unauthenticated Arbitrary File Upload | EPSS 10.4%
CVE-2025-46811 | CRITICAL | SUSE Multi Linux Manager allows code execution via unprotected websocket endpoint | EPSS 10.2%
CVE-2024-56067 | HIGH | WordPress WP SuperBackup plugin <= 2.3.3 - Unauthenticated Backup File Download Vulnerability | EPSS 10.0%
CVE-2023-40004 | HIGH | Unauth. Access Token Manipulation vulnerability in multiple ServMask WordPress plugins | EPSS 9.7%
CVE-2024-57726 | CRITICAL | SimpleHelp remote support software v5.5.7 and before has a vulnerability that allows low-privileges technicians to create API keys with exce | EPSS 9.3% | KEV
CVE-2023-47681 | MEDIUM | WordPress WooCommerce Checkout Manager plugin <= 7.3.0 - Broken Access Control vulnerability | EPSS 9.2%
CVE-2024-9707 | CRITICAL | Hunk Companion <= 1.8.4 - Missing Authorization to Unauthenticated Arbitrary Plugin Installation/Activation | EPSS 9.1%