Fallos del tipo CWE-862

7075 resultados
CVE-2022-20529LOWIn multiple locations of WifiDialogActivity.java, there is a possible limited lockscreen bypass due to a logic error in the code. This couldEPSS 0.2%CVE-2026-32394MEDIUMWordPress PublishPress Capabilities plugin <= 2.31.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-42851HIGH@kitty-edit DCS + --color=geninclude vulnerable to Unauthenticated in-process RCEEPSS 0.2%CVE-2025-12574MEDIUMListar – Directory Listing & Classifieds WordPress Plugin <= 3.0.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post DeletionEPSS 0.2%CVE-2025-13756MEDIUMFluent Booking – The Ultimate Appointments Scheduling, Events Booking, Events Calendar Solution <= 1.9.11 - Authenticated (Subscriber+) Missing Authorization to Calendar Import and ManagementEPSS 0.2%CVE-2025-15473MEDIUMTimetics < 1.0.52 - Unauthenticated Payment/Booking Status UpdateEPSS 0.2%CVE-2025-14392MEDIUMSimple Theme Changer <= 1.0. - Missing Authorization to Plugin Settings Update via AJAX ActionsEPSS 0.2%CVE-2025-11164MEDIUMMavix Education <= 1.0 - Missing Authorization to Authenticated (Subscriber+) 'Creativ Demo Importer' Plugin ActivationEPSS 0.2%CVE-2025-14395MEDIUMPopover Windows <= 1.2 - Missing Authorization to Authenticated (Subscriber+) Popover Configuration Update via AJAX ActionsEPSS 0.2%CVE-2025-12577MEDIUMListar – Directory Listing & Classifieds WordPress Plugin <= 3.0.0 - Missing Authorization to Authenticated (Subscriber+) Listing UpdateEPSS 0.2%CVE-2026-32461MEDIUMWordPress Really Simple SSL plugin <= 9.5.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-13419MEDIUMSmart Framework <= Multiple Plugins - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-58192MEDIUMWordPress WP Bulk Delete Plugin <= 1.3.6 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-12634MEDIUMRefund Request for WooCommerce <= 1.0 - Missing Authorization to Authenticated (Subscriber+) Refund Status UpdateEPSS 0.2%CVE-2025-11989LOWMissing Authorization in GitLabEPSS 0.2%CVE-2026-14460HIGHMissing Authorization in TUBITAK BILGEM's pardus-softwareEPSS 0.2%CVE-2025-10646MEDIUMSearch Exclude <= 2.5.7 – Missing Authorization to Authenticated (Contributor+) Search Settings Modification via REST APIEPSS 0.2%CVE-2024-43090MEDIUMIn multiple locations, there is a possible cross-user image read due to a missing permission check. This could lead to local information disEPSS 0.2%CVE-2026-40778MEDIUMWordPress Majestic Support plugin <= 1.1.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-22607MEDIUMCoolify Vulnerable to GitHub / GitLab OAuth Secrets LeakEPSS 0.2%