Fallos del tipo CWE-862

6960 resultados
CVE-2025-32242MEDIUMWordPress Hive Support plugin <= 1.2.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-11742MEDIUMWPC Smart Wishlist for WooCommerce <= 5.0.4 - Missing Authorization to Authenticated (Subscriber+) Information ExposureEPSS 0.3%CVE-2026-8547HIGHInsufficient policy enforcement in Passwords in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromisEPSS 0.3%CVE-2025-2246MEDIUMMissing Authorization in GitLabEPSS 0.3%CVE-2025-49998MEDIUMWordPress WooCommerce Fortnox Integration plugin <= 4.5.5 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2024-12253MEDIUMSimple Ecommerce Shopping Cart Plugin- Sell products through Paypal <= 3.1.2 - Missing Authorization to Authenticated (Subscriber+) Settings Update / Data AccessEPSS 0.3%CVE-2026-45632CRITICALDokploy: Schedule Authorization Bypass Enables Host/Server Command ExecutionEPSS 0.3%CVE-2026-56104HIGHChainlit < 2.10.1 Session Hijacking via WebSocket Session RestorationEPSS 0.3%CVE-2025-62976MEDIUMWordPress Sendle Shipping plugin <= 6.02 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-38395MEDIUMWordPress WP Clone Menu plugin <= 1.0.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-0272MEDIUMPAN-OS: Privilege Escalation (PE) Vulnerability in the Command Line Interface (CLI)EPSS 0.3%CVE-2025-14482MEDIUMCrush.pics Image Optimizer <= 1.8.7 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings UpdateEPSS 0.3%CVE-2025-64384MEDIUMWordPress JetFormBuilder plugin <= 3.5.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-22492MEDIUMWordPress Docket Cache plugin <= 24.07.04 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-47560MEDIUMWordPress MapSVG plugin < 8.6.13 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-65742HIGHAn unauthenticated Broken Function Level Authorization (BFLA) vulnerability in Newgen OmniDocs v11.0 allows attackers to obtain sensitive inEPSS 0.3%CVE-2025-53111MEDIUMGLPI exposes data to non-allowed usersEPSS 0.3%CVE-2025-49240MEDIUMWordPress DocsPress plugin <= 2.5.2 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-57332HIGHWordPress Wallet System for WooCommerce plugin <= 2.7.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-36756MEDIUMDevice Takeover vulnerability in SolaX CloudEPSS 0.3%