Fallos del tipo CWE-862

7018 resultados
CVE-2026-54832HIGHWordPress Gutenverse Companion plugin <= 2.5.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-0954MEDIUMWP Online Contract <= 5.1.4 - Missing Authorization to Unauthenticated Settings ImportEPSS 0.2%CVE-2026-48883HIGHWordPress WPC Product Bundles for WooCommerce plugin <= 8.5.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62017MEDIUMWordPress Kallyas theme <= 4.22.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-47349MEDIUMTYPO3 CMS - Broken Access Control in RecyclerEPSS 0.2%CVE-2026-47351MEDIUMTYPO3 CMS - Broken Access Control in ClipboardEPSS 0.2%CVE-2023-47757MEDIUMWordPress AWeber Plugin <= 7.3.9 is vulnerable to Broken Access ControlEPSS 0.2%CVE-2025-15327MEDIUMTanium addressed an improper access controls vulnerability in Deploy.EPSS 0.2%CVE-2026-28193HIGHIn JetBrains YouTrack before 2025.3.121962 apps were able to send requests to the app permissions endpointEPSS 0.2%CVE-2026-41192HIGHFreeScout's client-controlled attachment IDs allow deletion of existing conversation attachmentsEPSS 0.2%CVE-2025-69298HIGHWordPress Gauge theme <= 6.56.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-54830HIGHWordPress Five Star Restaurant Reservations plugin <= 2.7.19 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-47350MEDIUMTYPO3 CMS - Broken Access Control in DataHandlerEPSS 0.2%CVE-2026-40592MEDIUMFreeScout's cross-user undo reply allows mailbox peers to recall another agent's outbound replyEPSS 0.2%CVE-2026-8614MEDIUMAssistio <= 1.1.2 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Deletion via assistio_plugin_delete_assistio_settings AJAX ActionEPSS 0.2%CVE-2026-59262HIGHAFFiNE - Unauthorized Document Edit History Access via GraphQL histories FieldEPSS 0.2%CVE-2025-47444MEDIUMWordPress FiboSearch plugin <= 1.32.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-60165MEDIUMWordPress Frames Theme <= 1.5.7 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-11607HIGHTYPO3 CMS - Broken Access Control in Form FrameworkEPSS 0.2%CVE-2026-58167HIGHNightingale < 9.0.0-beta.2 - Datasource Credential Disclosure to Low-Privilege UsersEPSS 0.2%