Fallos del tipo CWE-266
949 resultadosCVE-2026-10272MEDIUMa4m4 Student-Management-System deleteform.php improper authorizationEPSS 0.3%CVE-2025-59134HIGHWordPress Sale! Immigration law, Visa services support, Migration Agent Consulting theme <= 1.5.8 - Privilege Escalation vulnerabilityEPSS 0.3%CVE-2026-2015MEDIUMPortabilis i-Educar Final Status Import FinalStatusImportService.php improper authorizationEPSS 0.3%CVE-2026-24963HIGHWordPress Amelia plugin <= 1.2.38 - Privilege Escalation vulnerabilityEPSS 0.3%CVE-2025-59945HIGHSysReptor Susceptible to Privilege Escalation by Authenticated UsersEPSS 0.3%CVE-2025-0783MEDIUMpankajindevops scale API Endpoint access controlEPSS 0.3%CVE-2026-3209MEDIUMfosrl Pangolin Role verifyApiKeyRoleAccess access controlEPSS 0.3%CVE-2025-25767MEDIUMA vertical privilege escalation vulnerability in the component /controller/UserController.java of MRCMS v3.1.2 allows attackers to arbitrariEPSS 0.3%CVE-2025-10247MEDIUMJEPaaS Filter doFilterInternal access controlEPSS 0.3%CVE-2025-8791MEDIUMLitmusChaos Litmus list_projects improper authorizationEPSS 0.3%CVE-2024-6322MEDIUMAccess control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account EPSS 0.3%CVE-2025-2653MEDIUMFoxCMS improper authorizationEPSS 0.3%CVE-2026-35671HIGHphpMyFAQ - Insecure Direct Object Reference in User Password APIEPSS 0.3%CVE-2016-7066—It was found that the improper default permissions on /tmp/auth directory in JBoss Enterprise Application Platform before 7.1.0 can allow anEPSS 0.3%CVE-2025-10013MEDIUMPortabilis i-Educar exportacao-para-o-seb access controlEPSS 0.3%CVE-2020-27122MEDIUMCisco Identity Services Engine Privilege Escalation VulnerabilityEPSS 0.3%CVE-2025-47631HIGHWordPress Hospital Management System plugin <= 47.0(20-11-2023) - Privilege Escalation vulnerabilityEPSS 0.3%CVE-2025-39405HIGHWordPress WPAMS plugin <= 44.0 (17-08-2023) - Privilege Escalation vulnerabilityEPSS 0.3%CVE-2024-11486MEDIUMCode4Berry Decoration Management System User Permission user_permission.phpEPSS 0.3%CVE-2025-8839MEDIUMjshERP Endpoint addUser improper authorizationEPSS 0.3%