Fallos del tipo CWE-862

7033 resultados
CVE-2026-60124MEDIUMMISP importModule missing authorization allows read-only users to modify events via misp_standard importsEPSS 0.2%CVE-2026-2559MEDIUMPost SMTP <= 3.8.0 - Missing Authorization to Authenticated (Subscriber+) Office 365 OAuth Configuration OverwriteEPSS 0.2%CVE-2025-58783MEDIUMWordPress Gutentor plugin <= 3.5.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-9202MEDIUMColorMag <= 4.0.19 - Missing Authorization to Authenticated (Subscriber+) ThemeGrill Demo Importer Plugin InstallationEPSS 0.2%CVE-2025-59551MEDIUMWordPress Revive.so Plugin <= 2.0.6 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-66140MEDIUMWordPress Uper for Elementor plugin <= 1.0.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-60143MEDIUMWordPress Netgsm plugin <= 2.9.69 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66137MEDIUMWordPress Searcher for Elementor plugin <= 1.0.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-57894MEDIUMWordPress WPPizza Plugin <= 3.19.8 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-28556MEDIUMwpForo Forum 2.4.14 Missing Authorization via Topic Management Form HandlersEPSS 0.2%CVE-2025-60128MEDIUMWordPress Delisho Plugin <= 1.1.3 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-58594MEDIUMWordPress Brizy Plugin <= 2.7.12 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-60148MEDIUMWordPress Subscribe to Download plugin <= 2.0.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-53236MEDIUMWordPress UDesign Core plugin <= 4.14.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62106MEDIUMWordPress WP-CRM System plugin <= 3.4.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-49052MEDIUMWordPress Netease Music plugin <= 3.2.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-14357MEDIUMMega Store Woocommerce <= 5.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Page Creation and Settings ChangeEPSS 0.2%CVE-2025-58617MEDIUMWordPress F4 Media Taxonomies Plugin <= 1.1.4 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-66138MEDIUMWordPress Motionger for Elementor plugin <= 2.0.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-44754MEDIUMMissing caller identification check-in for ODP Data Replication APIsEPSS 0.2%