Fallos del tipo CWE-862

7051 resultados
CVE-2024-31435MEDIUMWordPress Social Media Share Buttons & Social Sharing Icons plugin <= 2.8.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-33427LOWDiscourse Authorization Page Displays Unvalidated Redirect DomainEPSS 0.2%CVE-2025-48334MEDIUMWordPress Woo Slider Pro <= 1.12 - Arbitrary Content Deletion VulnerabilityEPSS 0.2%CVE-2025-12361MEDIUMmyCred – Points Management System For Gamification, Ranks, Badges, and Loyalty Program <= 2.9.7.1 - Missing Authorization to Sensitive Information ExposureEPSS 0.2%CVE-2024-37496MEDIUMWordPress Metro Magazine theme <= 1.3.7 - Broken Access Control on Notice Dismissal vulnerabilityEPSS 0.2%CVE-2024-33005MEDIUMMissing Authorization check in SAP NetWeaver Application Server (ABAP and Java),SAP Web Dispatcher and SAP Content ServerEPSS 0.2%CVE-2025-10173LOWShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution <= 4.8.3 - Insufficient Authorization to Authenticated (Editor+) Settings UpdateEPSS 0.2%CVE-2026-25408MEDIUMWordPress Broken Link Notifier plugin <= 1.3.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-67589MEDIUMWordPress WooCommerce PDF Invoices & Packing Slips plugin <= 4.9.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-46518HIGHOpenEMR: Stored XSS in prescription CSS/HTML print view via patient demographicsEPSS 0.2%CVE-2025-12809MEDIUMdokan pro <= 4.1.3 - Missing Authorization to Unauthenticated Sensitive Information ExposureEPSS 0.2%CVE-2026-6709MEDIUMCoinbase Commerce for Contact Form 7 <= 1.1.2 - Missing Authorization to Authenticated (Subscriber+) API Key Modification via 'cccf7_api_key' ParameterEPSS 0.2%CVE-2026-23974MEDIUMWordPress Golo theme < 1.7.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-11916HIGHThe Ultimate WordPress Toolkit – WP Extended <= 3.0.11 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site ScriptingEPSS 0.2%CVE-2026-4764CRITICALPrivilege Escalation in Dialogflow CX via Playbook ImportEPSS 0.2%CVE-2025-48108MEDIUMWordPress School Management Plugin <= 93.2.0 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-13679MEDIUMTutor LMS <= 3.9.3 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure via tutor_order_detailsEPSS 0.2%CVE-2025-14065MEDIUMSimple Bike Rental <= 1.0.6 - Missing Authorization to Authenticated (Subscriber+) Sensitive Booking Data ExposureEPSS 0.2%CVE-2026-62191HIGHOpenClaw 2026.6.6 < 2026.6.9 Authorization Bypass via Message MutationsEPSS 0.2%CVE-2025-58198MEDIUMWordPress Xpro Theme Builder Plugin <= 1.2.9 - Broken Access Control VulnerabilityEPSS 0.2%