Fallos del tipo CWE-862

7018 resultados
CVE-2026-57746HIGHWordPress Booked plugin <= 3.0.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68564MEDIUMWordPress Sendy plugin <= 3.4.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-69031MEDIUMWordPress Arcane theme <= 3.6.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-47587LOWMissing authorization check in SAP Cash Management (Cash Operations)EPSS 0.2%CVE-2026-24588MEDIUMWordPress Smart Product Viewer plugin <= 1.5.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-23999MEDIUMWordPress Breeze plugin <= 2.2.13 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-0394HIGHRapid7 Minerva Armor Privilege EscalationEPSS 0.2%CVE-2026-53439MEDIUMMissing permission checks in Jenkins 2.567 and earlier, LTS 2.555.2 and earlier allow attackers with Overall/Read permission to determine otEPSS 0.2%CVE-2026-15320MEDIUMSipeed PicoClaw pico.go rt.ReloadConfig authorizationEPSS 0.2%CVE-2026-4607MEDIUMProfileGrid <= 5.9.8.4 - Missing Authorization to Authenticated (Subscriber+) Group Settings ModificationEPSS 0.2%CVE-2026-40117MEDIUMPraisonAIAgents Affected by Arbitrary File Read via read_skill_file Missing Workspace Boundary and Approval GateEPSS 0.2%CVE-2026-39716MEDIUMWordPress Flipmart theme <= 2.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-9218LOWrtMedia for WordPress, BuddyPress and bbPress 4.7.0 - 4.7.3 - Missing Authorization to Unauthenticated Information Disclosure via handle_rest_pre_dispatch FunctionEPSS 0.2%CVE-2026-0593MEDIUMWP Go Maps (formerly WP Google Maps) <= 10.0.04 - Missing Authorization to Authenticated (Subscriber+) Map Engine Setting ModificationEPSS 0.2%CVE-2025-13405MEDIUMAce Post Type Builder <= 1.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Custom Taxonomy Deletion via 'taxonomy' ParameterEPSS 0.2%CVE-2026-4795MEDIUMA missing authorization vulnerability in Zyxel GS1200-5v3 firmware versions through 1.00(ACPS.2)C0, GS1200-8v3 firmware versions through 1.0EPSS 0.2%CVE-2025-13750MEDIUMConverter for Media <= 6.3.2 - Missing Authorization to Authenticated (Subscriber+) Optimized Image Deletion via regenerate-attachment REST EndpointEPSS 0.2%CVE-2025-39553MEDIUMWordPress Church Admin plugin <= 5.0.9 - Sensitive Data Exposure vulnerabilityEPSS 0.2%CVE-2025-58258MEDIUMWordPress Lazy Blocks Plugin <= 4.1.0 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-31609MEDIUMWordPress WPCargo Track & Trace plugin <= 8.0.2 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.2%