Fallos del tipo CWE-862

7039 resultados
CVE-2025-53910MEDIUMUnauthorized Channel Subscription Edit in Mattermost Confluence PluginEPSS 0.2%CVE-2025-39561MEDIUMWordPress LoginWP - Pro Plugin <= 4.0.8.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-57812MEDIUMWordPress Simply Schedule Appointments plugin <= 1.6.12.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-12471MEDIUMSpexo <= 2.0.11 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin ActivationEPSS 0.2%CVE-2025-3701MEDIUMWordPress Malcure Malware Scanner plugin <= 16.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-13643LOWMongoDB Server may allow queries to be terminated by unauthorized usersEPSS 0.2%CVE-2025-64215MEDIUMWordPress MasterStudy LMS Pro plugin < 4.7.16 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-3072MEDIUMMedia Library Assistant <= 3.33 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Attachment Taxonomy ModificationEPSS 0.2%CVE-2026-57340MEDIUMWordPress Japanized For WooCommerce plugin <= 2.9.12 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-14457LOWDrag and Drop Multiple File Upload for Contact Form 7 <= 1.3.9.2 - Missing Authorization to Unauthenticated File DeletionEPSS 0.2%CVE-2025-10901MEDIUMOriginality.ai AI Checker <= 1.0.16 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Disclosure via 'ai_get_table'EPSS 0.2%CVE-2026-39713MEDIUMWordPress Mailercloud – Integrate webforms and synchronize website contacts plugin <= 1.0.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-64375MEDIUMWordPress WP Social Ninja plugin <= 3.20.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-54842HIGHWordPress Royal MCP plugin <= 1.4.25 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-48916MEDIUMBookable Calendar - Less critical - Access bypass - SA-CONTRIB-2025-070EPSS 0.2%CVE-2026-8239MEDIUMConcrete CMS 9.5.0 and below is vulnerable to IDOR in '/ccm/frontend/conversations/get_rating'EPSS 0.2%CVE-2025-5185MEDIUMSummer Pearl Group Vacation Rental Management Platform cross-site request forgeryEPSS 0.2%CVE-2026-0497MEDIUMMissing Authorization check in Business Server Pages Application (Product Designer Web UI)EPSS 0.2%CVE-2026-45243MEDIUMSummarize < 0.15.1 Browser Extension Missing Authorization via Content ScriptEPSS 0.2%CVE-2026-39707MEDIUMWordPress Accept PayPal Payments using Contact Form 7 plugin <= 4.0.4 - Broken Access Control vulnerabilityEPSS 0.2%