Fallos del tipo CWE-862

7039 resultados
CVE-2025-48916MEDIUMBookable Calendar - Less critical - Access bypass - SA-CONTRIB-2025-070EPSS 0.2%CVE-2026-45243MEDIUMSummarize < 0.15.1 Browser Extension Missing Authorization via Content ScriptEPSS 0.2%CVE-2026-40730MEDIUMWordPress ThemeGrill Demo Importer plugin <= 2.0.0.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-0497MEDIUMMissing Authorization check in Business Server Pages Application (Product Designer Web UI)EPSS 0.2%CVE-2026-24995MEDIUMWordPress Latest Post Shortcode plugin <= 14.2.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-45443MEDIUMWordPress PDF for Elementor Forms + Drag And Drop Template Builder plugin <= 5.5.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-67579MEDIUMWordPress User Extra Fields plugin <= 16.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-4968MEDIUMSourceCodester Diary App diary.php cross-site request forgeryEPSS 0.2%CVE-2025-54047MEDIUMWordPress Cost Calculator plugin <= 7.4 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-54011MEDIUMWordPress SMTP2GO plugin <= 1.12.1 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-23545MEDIUMWordPress Aruba HiSpeed Cache plugin <= 3.0.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-4925MEDIUMImproper access control in the users MFA feature in Devolutions Server allows an authenticated user to bypass administrator-enforced restricEPSS 0.2%CVE-2025-63024MEDIUMWordPress Order Delivery Date for WooCommerce plugin <= 4.3.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-1835MEDIUMlcg0124 BootDo cross-site request forgeryEPSS 0.2%CVE-2026-1751LOWMissing Authorization in GitLabEPSS 0.2%CVE-2025-42991MEDIUMMissing Authorization check in SAP S/4HANA (Bank Account Application)EPSS 0.2%CVE-2026-23522LOWLobe Chat has IDOR in Knowledge Base File Removal that Allows Cross User File DeletionEPSS 0.2%CVE-2025-1778MEDIUMArt Theme <= 3.12.2.3 - Missing Authorization to Authenticated (Subscriber+) Theme Option DeleteEPSS 0.2%CVE-2025-9029MEDIUMWDesignKit – Elementor & Gutenberg Starter Templates, Patterns, Cloud Workspace & Widget Builder <= 1.2.16 - Missing Authentication via wdkit_handle_review_submission FunctionEPSS 0.2%CVE-2026-9303MEDIUMcalcom cal.diy cross-site request forgeryEPSS 0.2%