Fallos del tipo CWE-862

7018 resultados
CVE-2026-32377MEDIUMWordPress Pranayama Yoga theme <= 1.2.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-39368MEDIUMWordPress Rootspersona plugin <= 3.7.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32338MEDIUMWordPress Construction Landing Page theme <= 1.4.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-26867MEDIUMWordPress Bulk theme <= 1.0.11 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32335MEDIUMWordPress The Conference theme <= 1.2.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-48346MEDIUMWordPress Embed and Integrate Etsy Shop plugin <= 1.0.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32378MEDIUMWordPress Book Landing Page theme <= 1.2.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32381MEDIUMWordPress App Landing Page theme <= 1.2.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-7821MEDIUMWC Plus <= 1.2.0 - Missing Authorization to Unauthenticated Settings ManipulationEPSS 0.2%CVE-2026-32380MEDIUMWordPress Numinous theme <= 1.3.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32432MEDIUMWordPress WP Time Slots Booking Form plugin <= 1.2.42 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32402MEDIUMWordPress Image Slider by Ays plugin <= 2.7.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-33177MEDIUMStatamic is missing authorization check on taxonomy term creation via fieldtypeEPSS 0.2%CVE-2026-32374MEDIUMWordPress The Minimal theme <= 1.2.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32375MEDIUMWordPress Travel Diaries theme <= 1.2.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-11692MEDIUMZip Attachments <= 1.6 - Missing Authorization to Limited File DeletionEPSS 0.2%CVE-2025-48282MEDIUMWordPress Majestic Support plugin <= 1.1.0 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-12557MEDIUMNinja Forms - File Uploads <= 3.3.29 - Missing Authorization to Unauthenticated Log Disclosure and Deletion via debug-log/delete-all and debug-log/get-all REST EndpointsEPSS 0.2%CVE-2026-32389MEDIUMWordPress NanoCare theme < 1.2.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-13747MEDIUMWooMail - WooCommerce Email Customizer <= 3.0.34 - Authenticated (Subscriber+) Missing Authorization to SQL InjectionEPSS 0.2%