Fallos del tipo CWE-862

7027 resultados
CVE-2026-1934MEDIUMMotors – Car Dealership & Classified Listings Plugin <= 1.4.103 - Missing Authorization to Authenticated (Subscriber+) Payment Bypass via 'stm_payment_status' ParameterEPSS 0.2%CVE-2025-14508MEDIUMMediaCommander – Bring Folders to Media, Posts, and Pages <= 2.3.1 - Missing Authorization to Authenticated (Author+) Media Folder DeletionEPSS 0.2%CVE-2025-49377MEDIUMWordPress Hydra Booking plugin <= 1.1.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-21865MEDIUMDiscourse topic conversion permission vulnerability for moderatorsEPSS 0.2%CVE-2025-53288MEDIUMWordPress PlatiOnline Payments plugin <= 7.0.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-41382LOWOpenClaw < 2026.3.31 - Discord Voice Ingress Authorization Bypass via Channel and Role Validation GapsEPSS 0.2%CVE-2025-63047MEDIUMWordPress ListingPro theme <= 2.9.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-57689MEDIUMWordPress Werkstatt theme <= 4.7.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62740MEDIUMWordPress WP-CRM System plugin <= 3.4.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62152MEDIUMWordPress ConveyThis plugin <= 269.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-14854MEDIUMWP-CRM System – Manage Clients and Projects <= 3.4.5 - Missing Authorization to Authenticated (Subscriber+) CRM Data Exposure and Task ModificationEPSS 0.2%CVE-2025-53293MEDIUMWordPress Dashboard Widget Sidebar plugin <= 1.2.3 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-67572MEDIUMWordPress PenNews theme < 6.7.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-24540MEDIUMWordPress Integrate Google Drive plugin <= 1.5.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-1946MEDIUMGW AI Website Builder <= 1.0.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings DeletionEPSS 0.2%CVE-2025-63023MEDIUMWordPress Payment Gateway for PayPal on WooCommerce plugin <= 9.0.53 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-57730MEDIUMWordPress Flatsome theme <= 3.20.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62865MEDIUMWordPress Post Cloner plugin <= 1.0.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-67577MEDIUMWordPress Easy Form Builder plugin <= 3.8.20 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-42882MEDIUMMissing Authorization check in SAP NetWeaver Application Server for ABAPEPSS 0.2%