Fallos del tipo CWE-862

7018 resultados
CVE-2024-55408MEDIUMAn improper access control vulnerability in the AsusSAIO.sys driver may lead to the misuse of software functionality utilizing the driver whEPSS 0.2%CVE-2025-13666MEDIUMHelloprint <= 2.1.2 - Missing Authorization to Unauthenticated Arbitrary Order Status ModificationEPSS 0.2%CVE-2025-54025MEDIUMWordPress Coupon Affiliates Plugin <= 6.4.0 - Settings Change VulnerabilityEPSS 0.2%CVE-2025-14034MEDIUMilGhera Support System for WooCommerce <= 1.2.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Ticket DeletionEPSS 0.2%CVE-2025-49431MEDIUMWordPress MF Plus WPML plugin <= 1.1 - Settings Change VulnerabilityEPSS 0.2%CVE-2025-14633MEDIUMF70 Lead Document Download <= 1.4.4 - Missing Authorization to Unauthenticated Arbitrary Media File DownloadEPSS 0.2%CVE-2026-39701MEDIUMWordPress ShopWP plugin <= 5.2.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-39362MEDIUMWordPress Mollie Payments for WooCommerce plugin <= 8.0.2 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.2%CVE-2026-52812HIGHGogs: LFS dedupe path leaks private repo content across tenantsEPSS 0.2%CVE-2025-67560MEDIUMWordPress Listdom plugin <= 5.0.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-13312MEDIUMCRM Memberships <= 2.5 - Missing Authorization to Unauthenticated 'ntzcrm_add_new_tag' AJAX ActionEPSS 0.2%CVE-2025-53230HIGHWordPress Page Manager for Elementor Plugin <= 2.0.5 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-62916MEDIUMWordPress Flights & Hotels Booking WP Plugin plugin <= 3.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-48147MEDIUMWordPress CryptoCloud - Crypto Payment Gateway plugin <= 2.1.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-14366MEDIUMEyewear prescription form <= 6.0.1 - Missing Authorization to Unauthenticated Arbitrary WooCommerce Product CreationEPSS 0.2%CVE-2025-53997MEDIUMWordPress Houzez theme <= 4.0.4 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-47585MEDIUMWordPress Booking and Rental Manager plugin <= 2.3.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-14365MEDIUMEyewear prescription form <= 6.0.1 - Missing Authorization to Unauthenticated Arbitrary WooCommerce Category DeletionEPSS 0.2%CVE-2026-3567MEDIUMRepairBuddy <= 4.1132 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Modification via wc_rep_shop_settings_submission AJAX ActionEPSS 0.2%CVE-2025-14886MEDIUMJapanized for WooCommerce <= 2.7.17 - Missing Authorization to Unauthenticated Order Status ModificationEPSS 0.2%