Fallos del tipo CWE-862

7035 resultados
CVE-2025-68980MEDIUMWordPress WeDesignTech Portfolio plugin <= 1.0.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-69191HIGHWordPress ListingHub plugin <= 1.2.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-22671MEDIUMWordPress Disable Elementor Editor Translation plugin <= 1.0.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68982MEDIUMWordPress DesignThemes LMS Addon plugin <= 2.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68981MEDIUMWordPress HomeFix Elementor Portfolio plugin <= 1.0.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25456HIGHWordPress Automated FedEx live/manual rates with shipping labels plugin <= 5.1.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-69193HIGHWordPress WP Membership plugin <= 1.6.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-69190HIGHWordPress Listihub theme <= 1.0.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-43009MEDIUMMissing Authorization check in SAP Service Parts Management (SPM)EPSS 0.2%CVE-2025-8446MEDIUMBlaze Demo Importer <= 1.0.12 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin InstallEPSS 0.2%CVE-2025-12350MEDIUMDominoKit <= 1.1.0 - Missing Authorization to Unauthenticated Settings UpdateEPSS 0.2%CVE-2025-68568MEDIUMWordPress Claspo – Popups, Spin the Wheel & Email Capture plugin <= 1.0.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32387MEDIUMWordPress Checkout for PayPal plugin <= 1.0.46 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-1036MEDIUMPhoto Gallery by 10Web – Mobile-Friendly Image Gallery <= 1.8.36 - Missing Authorization to Unauthenticated Arbitrary Comment DeletionEPSS 0.2%CVE-2025-14978MEDIUMPeachPay — Payments & Express Checkout for WooCommerce (supports Stripe, PayPal, Square, Authorize.net) <= 1.119.8 - Missing Authorization to Unauthenticated Order Status ModificationEPSS 0.2%CVE-2026-2900LOWMissing Authorization in GitLabEPSS 0.2%CVE-2026-40775HIGHWordPress Royal MCP plugin <= 1.4.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68571MEDIUMWordPress SALESmanago plugin <= 3.9.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-69184HIGHWordPress Institutions Directory plugin <= 1.3.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68575MEDIUMWordPress Wappointment plugin <= 2.7.6 - Broken Access Control vulnerabilityEPSS 0.2%