Fallos del tipo CWE-862

6961 resultados
CVE-2026-32648MEDIUMAnviz Products Missing AuthorizationEPSS 0.2%CVE-2025-49987MEDIUMWordPress CRM ERP Business Solution plugin <= 1.13 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-50284HIGHCraft CMS: Missing peer-permission check in `AssetsController::actionDeleteFolder` allows deletion of other users' assetsEPSS 0.2%CVE-2026-40570MEDIUMFreeScout's Missing Authorization in load_customer_info Allows Any Authenticated User to Access Full Customer PIIEPSS 0.2%CVE-2025-49993MEDIUMWordPress Cookie-Script.com plugin <= 1.2.1 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-44392MEDIUMMissing authorization vulnerability exists in Movable Type. Under certain conditions, when a user without administrator privileges signs in EPSS 0.2%CVE-2025-13314MEDIUMProduct Filtering by Categories, Tags, Price Range for WooCommerce <= 1.1.6 - Missing Authorization to Unauthenticated Plugin Settings ModificationEPSS 0.2%CVE-2025-13317MEDIUMAppointment Booking Calendar <= 1.3.96 - Missing Authorization to Arbitrary Booking Confirmation via 'cpabc_ipncheck' ParameterEPSS 0.2%CVE-2024-33909MEDIUMWordPress iPages Flipbook plugin <= 1.5.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-33093MEDIUMAnviz Products Missing AuthorizationEPSS 0.2%CVE-2025-58986MEDIUMWordPress Jock On Air Now (JOAN) plugin <= 6.0.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-57327MEDIUMWordPress MainWP plugin <= 6.1.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-49986MEDIUMWordPress Video List Manager plugin <= 1.7 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-13381MEDIUMAI ChatBot with ChatGPT and Content Generator by AYS <= 2.7.0 - Missing Authorization to Unauthenticated Media File UploadsEPSS 0.2%CVE-2026-33413HIGHetcd: Authorization bypasses in multiple APIsEPSS 0.2%CVE-2025-49990MEDIUMWordPress ContentStudio plugin <= 1.3.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62892MEDIUMWordPress Sunshine Photo Cart plugin <= 3.5.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-8992MEDIUMmtons mblog cross-site request forgeryEPSS 0.2%CVE-2025-52757MEDIUMWordPress SUMO Memberships for WooCommerce plugin < 7.8.0 - Arbitrary Content Deletion vulnerabilityEPSS 0.2%CVE-2025-41017MEDIUMMultiple vulnerabilities in DFUSION by DavantisEPSS 0.2%