Vulnerabilities of type CWE-266

939 results
CVE-2025-4119 | MEDIUM | Weitong Mall Product Statistics queryTotal access control | EPSS 0.5%
CVE-2024-52442 | CRITICAL | WordPress UserPlus plugin <= 2.0 - Privilege Escalation vulnerability | EPSS 0.5%
CVE-2024-12666 | MEDIUM | ClassCMS User Management Page admin insufficient privileges | EPSS 0.5%
CVE-2024-35700 | CRITICAL | WordPress UserPro plugin <= 5.1.8 - Unauthenticated Account Takeover vulnerability | EPSS 0.5%
CVE-2024-37927 | CRITICAL | WordPress Jobmonster theme <= 4.7.5 - Unauthenticated Privilege Escalation vulnerability | EPSS 0.5%
CVE-2025-48129 | CRITICAL | WordPress Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light plugin <= 2.4.37 - Privilege Escalation Vulnerability | EPSS 0.5%
CVE-2025-1653 | HIGH | Directory Listings WordPress plugin – uListing <= 2.2.0 - Authenticated (Subscriber+) Privilege Escalation | EPSS 0.5%
CVE-2024-40681 | HIGH | IBM MQ security bypass | EPSS 0.5%
CVE-2020-25720 | HIGH | Samba: check attribute access rights for ldap adds of computers | EPSS 0.5%
CVE-2025-5649 | MEDIUM | SourceCodester Student Result Management System Register Interface new_user access control | EPSS 0.5%
CVE-2026-20852 | HIGH | Windows Hello Tampering Vulnerability | EPSS 0.5%
CVE-2025-3675 | MEDIUM | TOTOLINK A3700R cstecgi.cgi setL2tpServerCfg access control | EPSS 0.5%
CVE-2024-20466 | MEDIUM | Cisco Identity Services Engine Sensitive Information Disclosure Vulnerability | EPSS 0.5%
CVE-2024-56513 | HIGH | Karmada PULL Mode Cluster Privilege Escalation | EPSS 0.5%
CVE-2025-4922 | HIGH | Nomad Vulnerable To Incorrect ACL Policy Lookup Attached To A Job | EPSS 0.5%
CVE-2026-3121 | MEDIUM | Keycloak: org.keycloak/keycloak-services: keycloak: privilege escalation via manage-clients permission | EPSS 0.5%
CVE-2024-13200 | MEDIUM | wander-chu SpringBoot-Blog HTTP POST Request BaseInterceptor.java preHandle access control | EPSS 0.5%
CVE-2025-4269 | MEDIUM | TOTOLINK A720R Log cstecgi.cgi access control | EPSS 0.5%
CVE-2024-43333 | HIGH | WordPress Admin and Site Enhancements (ASE) Pro Plugin <= 7.6.2.1 - Privilege Escalation vulnerability | EPSS 0.5%
CVE-2023-3300 | MEDIUM | Nomad Search API Leaks Information About CSI Plugins | EPSS 0.5%