Fallos del tipo CWE-862

6961 resultados
CVE-2024-13717MEDIUMContact Form and Calls To Action by vcita <= 2.7.1 - Missing Authorization to Authenticated (Subscriber+) Contact/Widget ToggleEPSS 0.3%CVE-2025-68569MEDIUMWordPress WP Time Slots Booking Form plugin <= 1.2.39 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-27433MEDIUMWordPress Motors theme <= 5.6.80 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-52801HIGHWordPress TheBooking Plugin <= 1.4.4 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-43573MEDIUMOpenClaw < 2026.4.10 - SSRF Policy Bypass in Existing-Session Browser Interaction RoutesEPSS 0.3%CVE-2026-47346HIGHTYPO3 CMS - Broken Access Control in Form FrameworkEPSS 0.3%CVE-2026-4261HIGHExpire Users <= 1.2.2 - Authenticated (Subscriber+) Privilege Escalation to Administrator via save_extra_user_profile_fieldsEPSS 0.3%CVE-2026-2819MEDIUMDromara RuoYi-Vue-Plus Workflow deleteByInstanceIds SaServletFilter authorizationEPSS 0.3%CVE-2026-43577HIGHOpenClaw < 2026.4.9 - Arbitrary File Read via Browser Interaction RoutesEPSS 0.3%CVE-2025-67926MEDIUMWordPress Fluent Support plugin <= 1.10.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-4745MEDIUMWordPress Giveaways and Contests by RafflePress plugin <= 1.12.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-52800HIGHWordPress The E-Commerce ERP <= 2.1.1.3 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2021-4446MEDIUMEssential Addons for Elementor <= 4.6.4 - Missing AuthorizationEPSS 0.3%CVE-2025-48326MEDIUMWordPress Acclectic Media Organizer Plugin <= 1.4 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-29070MEDIUMOpen WebUI has unauthorized deletion of knowledge filesEPSS 0.3%CVE-2025-8268MEDIUMAi Engine <= 2.9.5 - Missing Authorization to Unauthenticated Uploaded Files Disclosure And DeletionEPSS 0.3%CVE-2026-2022MEDIUMSmart Forms <= 2.6.99 - Missing Authorization to Authenticated (Subscriber+) Campaign Data ExposureEPSS 0.3%CVE-2026-40743MEDIUMWordPress Tutor LMS plugin <= 3.9.7 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-52813HIGHWordPress MobiLoud <= 4.6.5 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2024-4744MEDIUMWordPress iPages Flipbook plugin <= 1.5.1 - Broken Access Control vulnerabilityEPSS 0.3%