Fallos del tipo CWE-862

7018 resultados
CVE-2025-1233MEDIUMLafka Plugin <= 7.1.0 - Missing Authorization to Authenticated (Subscriber+) Theme Option UpdateEPSS 0.2%CVE-2025-62019MEDIUMWordPress Recipe Card Blocks for Gutenberg & Elementor plugin <= 3.4.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-69221MEDIUMLibreChat has Insufficient Access Control for Agent Permission QueriesEPSS 0.2%CVE-2025-14272HIGHRockwell Automation FactoryTalk Analytics PavilionXEPSS 0.2%CVE-2025-12469MEDIUMFunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce <= 3.6.4.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Email SendingEPSS 0.2%CVE-2025-67973MEDIUMWordPress Sunshine Photo Cart plugin <= 3.5.6.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-40571MEDIUMNamelessMC: Reactions on private or blocking profile posts can be modified without proper authorizationEPSS 0.2%CVE-2026-35443MEDIUMNamelessMC: Forum reactions bypass the "view own topics only" restrictionEPSS 0.2%CVE-2026-24567MEDIUMWordPress Anything Order by Terms plugin <= 1.4.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-58448HIGHyudao-cloud < 2026.06 - BPM Module Broken Access Control via process-instance APIEPSS 0.2%CVE-2026-25318MEDIUMWordPress WiserReview Product Reviews for WooCommerce plugin <= 2.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-48887MEDIUMWordPress JS Help Desk plugin <= 3.0.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-24532MEDIUMWordPress SiteLock Security plugin <= 5.0.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-14003MEDIUMImage Gallery – Photo Grid & Video Gallery <= 2.13.3 - Missing Authorization to Authenticated (Author+) Arbitrary Gallery ModificationEPSS 0.2%CVE-2025-23189MEDIUMMissing Authorization Check in SAP NetWeaver and ABAP Platform (SDCCN)EPSS 0.2%CVE-2026-22458MEDIUMWordPress Wanderland theme <= 1.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-31841MEDIUMWordPress FPW Category Thumbnails Plugin <= 1.9.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66082MEDIUMWordPress WpEvently plugin <= 5.0.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-24524MEDIUMWordPress Tablesome plugin <= 1.2.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25410MEDIUMWordPress WP-CORS plugin <= 0.2.2 - Broken Access Control vulnerabilityEPSS 0.2%