Fallos del tipo CWE-862

7035 resultados
CVE-2025-7133MEDIUMCodeAstro Online Movie Ticket Booking System cross-site request forgeryEPSS 0.2%CVE-2025-62953MEDIUMWordPress Welcart e-Commerce plugin <= 2.11.24 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-1358MEDIUMPix Software Vivaz cross-site request forgeryEPSS 0.2%CVE-2025-13880MEDIUMWP Social Ninja - Embed Social Feeds, Customer Reviews, Chat Widgets (Google Reviews, YouTube Feed, Photo Feeds, and More) <= 4.0.1 - Missing Authorization to Unauthenticated Plugin's Settings Disclosure And ModificationEPSS 0.2%CVE-2025-63034MEDIUMWordPress Page View Count plugin <= 2.9.0 - Settings Change vulnerabilityEPSS 0.2%CVE-2026-32312MEDIUMGLPI: Unauthorized export of form structureEPSS 0.2%CVE-2024-44020MEDIUMWordPress WP Free SSL plugin <= 1.2.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-64638MEDIUMWordPress OnPay.io for WooCommerce plugin <= 1.0.47 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-54717MEDIUMWordPress WP Membership Plugin <= 1.6.3 - Settings Change VulnerabilityEPSS 0.2%CVE-2025-54037MEDIUMWordPress News Kit Elementor Addons plugin <= 1.3.4 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-39477MEDIUMWordPress CartFlows plugin <= 2.2.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-56696MEDIUMOpenHarness - Prompt Injection via /issue and /pr_comments Slash CommandsEPSS 0.2%CVE-2026-40133MEDIUMMissing Authorization check in SAP S/4HANA Condition MaintenanceEPSS 0.2%CVE-2025-5315MEDIUMMissing Authorization in GitLabEPSS 0.2%CVE-2025-53318MEDIUMWordPress WP DB Booster plugin <= 1.0.1 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-67571MEDIUMWordPress WPFunnels plugin <= 3.6.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-67636MEDIUMA missing permission check in Jenkins 2.540 and earlier, LTS 2.528.2 and earlier allows attackers with View/Read permission to view encrypteEPSS 0.2%CVE-2025-58980MEDIUMWordPress Export WP Page to Static HTML/CSS Plugin <= 4.1.0 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-35598MEDIUMVikunja has Missing Authorization on CalDAV Task ReadEPSS 0.2%CVE-2025-63028MEDIUMWordPress Traveler theme <= 3.2.6 - Broken Access Control vulnerabilityEPSS 0.2%