Fallos del tipo CWE-266
938 resultadosCVE-2024-28000CRITICALWordPress LiteSpeed Cache plugin <= 6.3.0.1 - Unauthenticated Privilege Escalation vulnerabilityEPSS 67.9%CVE-2025-27007CRITICALWordPress SureTriggers <= 1.0.82 - Privilege Escalation VulnerabilityEPSS 50.2%CVE-2025-47539CRITICALWordPress Eventin plugin <= 4.0.26 - Privilege Escalation VulnerabilityEPSS 30.0%CVE-2024-13106MEDIUMD-Link DIR-816 A2 IP QoS form2IPQoSTcAdd access controlEPSS 29.5%CVE-2022-20759HIGHCisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Privilege Escalation VulnerabilityEPSS 28.4%CVE-2024-3013MEDIUMTeledyne FLIR AX8 User Registration test_login.php improper authorizationEPSS 23.0%CVE-2026-23550CRITICALWordPress Modular DS plugin <= 2.5.1 - Privilege Escalation vulnerabilityEPSS 20.6%CVE-2026-48172CRITICALLiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exploited in the wild in May 2026. DetectioEPSS 18.9%KEVCVE-2025-41115CRITICALIncorrect privilege assignmentEPSS 17.3%CVE-2025-2359MEDIUMD-Link DIR-823G DDNS Service HNAP1 SetDDNSSettings improper authorizationEPSS 14.0%CVE-2025-2546MEDIUMD-Link DIR-618/DIR-605L Firewall Service formAdvFirewall access controlEPSS 9.9%CVE-2024-8253HIGHPost Grid and Gutenberg Blocks 2.2.87 - 2.2.90 - Authenticated (Subscriber+) Privilege EscalationEPSS 9.6%CVE-2025-2993MEDIUMTenda FH1202 default.cfg access controlEPSS 8.5%CVE-2025-3663MEDIUMTOTOLINK A3700R Password cstecgi.cgi setWiFiEasyGuestCfg access controlEPSS 8.0%CVE-2018-1088—A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mounEPSS 5.4%CVE-2025-49388CRITICALWordPress Miraculous Core Plugin Plugin <= 2.0.7 - Privilege Escalation VulnerabilityEPSS 5.1%CVE-2014-2532MEDIUMsshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass inEPSS 4.8%CVE-2025-2360MEDIUMD-Link DIR-823G UPnP Service HNAP1 SetUpnpSettings improper authorizationEPSS 3.8%CVE-2025-10644CRITICALWondershare Repairit SAS Token Incorrect Permission Assignment Authentication Bypass VulnerabilityEPSS 3.7%CVE-2025-3980MEDIUMwowjoy 浙江湖州华卓信息科技有限公司 Internet Doctor Workstation System list improper authorizationEPSS 3.5%