Fallos del tipo CWE-862

7050 resultados
CVE-2025-68588MEDIUMWordPress TS Poll plugin <= 2.5.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-59591MEDIUMWordPress wpDiscuz Plugin <= 7.6.33 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-64269MEDIUMWordPress WooCommerce PDF Invoice Builder plugin <= 1.2.150 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-11975MEDIUMFuseWP – WordPress User Sync to Email List & Marketing Automation (Mailchimp, Constant Contact, ActiveCampaign etc.) <= 1.1.23.0 - Missing Authorization to Authenticated (Subscriber+) Sync Rule CreationEPSS 0.2%CVE-2025-15565MEDIUMNexi XPay <= 8.3.0 - Missing Authorization to Unauthenticated Order Status ModificationEPSS 0.2%CVE-2026-4818MEDIUMSome management operations on data streams are not properly restricted when user does not have the necessary privilegesEPSS 0.2%CVE-2025-64192MEDIUMWordPress XStore theme < 9.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-13391MEDIUMProduct Options and Price Calculation Formulas for WooCommerce – Uni CPO (Premium) <= 4.9.60 - Missing Authorization to Unauthenticated Arbitrary Attachment and Dropbox File DeletionEPSS 0.2%CVE-2026-57645HIGHWordPress Newsletters plugin <= 4.13 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25460MEDIUMWordPress Ave Core plugin <= 2.9.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32486MEDIUMWordPress Travel Booking theme <= 1.3.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68521MEDIUMWordPress WpStream plugin <= 4.9.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-42913LOWMissing Authorization check in SAP HCM (My Timesheet Fiori 2.0 application)EPSS 0.2%CVE-2025-15043MEDIUMThe Events Calendar <= 6.15.13 - Missing Authorization to Authenticated (Subscriber+) Data Migration ControlEPSS 0.2%CVE-2026-42640MEDIUMWordPress Classified Listing plugin <= 5.3.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-7828MEDIUMWP Filter & Combine RSS Feeds <= 0.4 - Missing Authorization to Authenticated (Contributor+) Feed DeletionEPSS 0.2%CVE-2025-42914LOWMissing Authorization check in SAP HCM (My Timesheet Fiori 2.0 application)EPSS 0.2%CVE-2025-7827MEDIUMNi WooCommerce Customer Product Report <= 1.2.4 - Missing Authorization to Authenticated (Subscriber+) Settings UpdateEPSS 0.2%CVE-2026-40722MEDIUMWordPress Yoast SEO Premium plugin <= 26.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-43638MEDIUMBitwarden Server < 2026.4.1 Missing Authorization via Organization Cipher ImportEPSS 0.2%