Fallos del tipo CWE-862

6820 resultados
CVE-2022-40975MEDIUMWordPress Post Slider plugin <= 1.6.7 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2026-4297HIGHWelcome Software Publishing <= 0.0.31 - Authenticated (Subscriber+) Arbitrary Options Update to Privilege Escalation via 'nc.setOption' XML-RPC MethodEPSS 0.5%CVE-2025-23917MEDIUMWordPress Chamber Dashboard Business Directory Plugin <= 3.3.8 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2025-32252MEDIUMWordPress WP Genealogy plugin <= 0.1.9 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-51817MEDIUMWordPress Combo WP Rewrite Slugs plugin <= 1.0 - Settings Change vulnerabilityEPSS 0.5%CVE-2024-32688MEDIUMWordPress MyRewards plugin <= 5.3.0 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-23854LOWSAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, does not perform necessary auEPSS 0.5%CVE-2023-2590HIGHMissing Authorization in answerdev/answerEPSS 0.5%CVE-2024-35672HIGHWordPress Netgsm plugin <= 2.9.19 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2025-49288HIGHWordPress Ultimate WP Mail plugin <= 1.3.5 - Account Takeover via Email Log Leak VulnerabilityEPSS 0.5%CVE-2023-34387MEDIUMWordPress Constant Contact Forms plugin <= 2.0.3 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-2033MEDIUMVideo Conferencing with Zoom <= 4.4.5 - Sensitive Information ExposureEPSS 0.5%CVE-2024-53938HIGHAn issue was discovered in Victure RX1800 WiFi 6 Router (software EN_V1.0.0_r12_110933, hardware 1.0) devices. The TELNET service is enabledEPSS 0.5%CVE-2025-24625MEDIUMWordPress Taxonomy/Term and Role based Discounts for WooCommerce plugin <= 5.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.5%CVE-2024-32516MEDIUMWordPress Multi Currency For WooCommerce plugin <= 1.5.5 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2022-4972HIGHDownload Monitor <= 4.7.51 - Missing Authorization to Unauthenticated Data ExportEPSS 0.5%CVE-2025-31041HIGHWordPress AnyTrack Affiliate Link Manager plugin <= 1.0.4 - Broken Access Control VulnerabilityEPSS 0.5%CVE-2024-32432MEDIUMWordPress Ovic Addon Toolkit plugin <= 2.6.1 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-11355MEDIUMUltimate YouTube Video & Shorts Player With Vimeo <= 3.3 - Missing Authorization to Authenticated (Subscriber+) Setting ExposureEPSS 0.5%CVE-2025-32542HIGHWordPress Eazy Plugin Manager plugin <= 4.3.0 - Broken Access Control vulnerabilityEPSS 0.5%