Fallos del tipo CWE-862

7035 resultados
CVE-2026-39664MEDIUMWordPress Leadrebel plugin <= 1.0.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-41477HIGHDeskflow: Local privilege escalation via unauthenticated IPCEPSS 0.2%CVE-2025-12175MEDIUMThe Events Calendar <= 6.15.9 - Missing Authorization to Authenticated (Subscriber+) Draft Event Title/QR Code ExposureEPSS 0.2%CVE-2025-62932MEDIUMWordPress Table Block by RioVizual plugin <= 3.0.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32390MEDIUMWordPress Nanosoft theme < 1.3.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-54710HIGHWordPress Tiktok Feed Plugin <= 1.0.21 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-43579MEDIUMOpenClaw < 2026.4.10 - Insufficient Access Control in Nostr Profile Mutation RoutesEPSS 0.2%CVE-2025-48337MEDIUMWordPress QuickCab plugin <= 1.3.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-13179MEDIUMBdtask/CodeCanyon Wholesale Inventory Control and Inventory Management System cross-site request forgeryEPSS 0.2%CVE-2025-66134MEDIUMWordPress FileBird Pro plugin <= 6.5.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-13866MEDIUMFlow-Flow Social Feed Stream 3.0.0 - 4.7.5 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting via flow_flow_social_auth AJAX actionEPSS 0.2%CVE-2025-62952MEDIUMWordPress ChatBot plugin <= 7.7.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-63034MEDIUMWordPress Page View Count plugin <= 2.9.0 - Settings Change vulnerabilityEPSS 0.2%CVE-2025-62999MEDIUMWordPress Litho Addons plugin <= 3.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-58408MEDIUMChurchCRM : Broken Access Control in `CSVCreateFile.php` Allows Low-Privileged Users to Export All Members' PIIEPSS 0.2%CVE-2025-13880MEDIUMWP Social Ninja - Embed Social Feeds, Customer Reviews, Chat Widgets (Google Reviews, YouTube Feed, Photo Feeds, and More) <= 4.0.1 - Missing Authorization to Unauthenticated Plugin's Settings Disclosure And ModificationEPSS 0.2%CVE-2026-32312MEDIUMGLPI: Unauthorized export of form structureEPSS 0.2%CVE-2024-44020MEDIUMWordPress WP Free SSL plugin <= 1.2.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62953MEDIUMWordPress Welcart e-Commerce plugin <= 2.11.24 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62028MEDIUMWordPress Salient theme < 17.4.0 - Broken Access Control vulnerabilityEPSS 0.2%