Fallos del tipo CWE-862

6961 resultados
CVE-2025-58603MEDIUMWordPress Surfer Plugin <= 1.6.4.574 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2024-47581MEDIUMMissing Authorization check in SAP HCM (Approve Timesheets version 4)EPSS 0.3%CVE-2025-48262MEDIUMWordPress Url Rewrite Analyzer plugin <= 1.3.3 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-5175MEDIUMImproper access control in the multi-factor authentication (MFA) management API in Devolutions Server allows an authenticated attacker to deEPSS 0.3%CVE-2025-53348MEDIUMWordPress Kalium Theme <= 3.18.3 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-62919MEDIUMWordPress TS Demo Importer plugin <= 0.1.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-60129MEDIUMWordPress Yext Plugin <= 1.1.3 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2024-12825MEDIUMCustom Related Posts <= 1.7.3 - Missing Authorization to Authenticated (Subscriber+) Private Post Search and Relation UpdatesEPSS 0.3%CVE-2025-60121MEDIUMWordPress WooEvents plugin <= 4.1.7 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-62918MEDIUMWordPress IgnitionDeck plugin <= 2.0.15 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-60130MEDIUMWordPress WEDOS Global Plugin <= 1.2.2 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-42664HIGHWordPress AI Product Search for WooCommerce – Motive Commerce Search plugin <= 1.38.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-60155MEDIUMWordPress WP Virtual Assistant Plugin <= 3.0 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-14592LOWMissing Authorization in GitLabEPSS 0.3%CVE-2026-1298MEDIUMEasy Replace Image <= 3.5.2 - Missing Authorization to Authenticated (Contributor+) Arbitrary Attachment ReplacementEPSS 0.3%CVE-2026-7492MEDIUMMissing Authorization in GitLabEPSS 0.3%CVE-2023-4468MEDIUMPoly Trio 8500/Trio 8800/Trio C60 Poly Lens Management Cloud Registration authorizationEPSS 0.3%CVE-2024-40834MEDIUMThis issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, mEPSS 0.3%CVE-2025-10054MEDIUMELEX WordPress HelpDesk & Customer Ticketing System <= 3.3.1 - Missing Authorization to Authenticated (Subscriber+) Role RemovalEPSS 0.3%CVE-2026-2819MEDIUMDromara RuoYi-Vue-Plus Workflow deleteByInstanceIds SaServletFilter authorizationEPSS 0.3%