Fallos del tipo CWE-862

7039 resultados
CVE-2026-57286MEDIUMA missing permission check in Jenkins Git Parameter Plugin 462.vdcf3df2ed2ca_ and earlier allows attackers with Item/Read permission to obtaEPSS 0.2%CVE-2025-58980MEDIUMWordPress Export WP Page to Static HTML/CSS Plugin <= 4.1.0 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-54717MEDIUMWordPress WP Membership Plugin <= 1.6.3 - Settings Change VulnerabilityEPSS 0.2%CVE-2025-63028MEDIUMWordPress Traveler theme <= 3.2.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-42917MEDIUMMissing Authorization check in SAP HCM (Approve Timesheets Fiori 2.0 application)EPSS 0.2%CVE-2026-35598MEDIUMVikunja has Missing Authorization on CalDAV Task ReadEPSS 0.2%CVE-2025-15289LOWTanium addressed an improper access controls vulnerability in Interact.EPSS 0.2%CVE-2026-56696MEDIUMOpenHarness - Prompt Injection via /issue and /pr_comments Slash CommandsEPSS 0.2%CVE-2025-42912MEDIUMMissing Authorization check in SAP HCM (My Timesheet Fiori 2.0 application)EPSS 0.2%CVE-2025-30990MEDIUMWordPress ThemeHunk plugin <= 1.2.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-35179MEDIUMWWBN AVideo Unauthenticated Instagram Graph API Proxy via publishInstagram.json.phpEPSS 0.2%CVE-2025-49922MEDIUMWordPress WPeMatico RSS Feed Fetcher plugin <= 2.8.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68016MEDIUMWordPress onepay Payment Gateway For WooCommerce plugin <= 1.1.2 - Other Vulnerability Type vulnerabilityEPSS 0.2%CVE-2026-47163HIGHQuest Bot: Unprivileged users can create and remove AutoMod rules.EPSS 0.2%CVE-2025-59826HIGHFlagForgeCTF Vulnerable to Unauthorized Problem CreationEPSS 0.2%CVE-2026-27792MEDIUMSeerr missing authentication on pushSubscription endpointsEPSS 0.2%CVE-2026-53815HIGHOpenClaw < 2026.5.19 - Channel Allowlist Bypass in Message Read ActionsEPSS 0.2%CVE-2025-12704LOWMissing Authorization in GitLabEPSS 0.2%CVE-2024-50573MEDIUMIn JetBrains Hub before 2024.3.47707 improper access control allowed users to generate permanent tokens for unauthorized servicesEPSS 0.2%CVE-2025-39465MEDIUMWordPress Advanced Google Maps plugin <= 5.8.4 - Broken Access Control vulnerabilityEPSS 0.2%