Fallos del tipo CWE-288
586 resultadosCVE-2026-1618HIGHAdmin Account Takeover in Universal Sotware's FlexCity/KioskEPSS 0.4%CVE-2026-31151CRITICALAn issue in the login mechanism of Kaleris YMS v7.2.2.1 allows attackers to bypass login verification to access the application 's resourcesEPSS 0.4%CVE-2025-5060HIGHBravis User <= 1.0.1 - Authentication Bypass to Account TakeoverEPSS 0.4%CVE-2025-61673HIGHKarapace is vulnerable to Authentication BypassEPSS 0.4%CVE-2025-64236CRITICALWordPress Tuturn plugin < 3.6 - Broken Authentication vulnerabilityEPSS 0.4%CVE-2025-1313HIGHNokri - Job Board WordPress Theme <= 1.6.3 - Authenticated (Subscriber+) Privilege Escalation via Account TakeoverEPSS 0.4%CVE-2025-67915HIGHWordPress Timetics plugin <= 1.0.46 - Broken Authentication vulnerabilityEPSS 0.4%CVE-2025-62064CRITICALWordPress Search & Go theme <= 2.7 - Broken Authentication vulnerabilityEPSS 0.4%CVE-2026-22733HIGHAuthentication Bypass under Actuator CloudFoundry endpointsEPSS 0.4%CVE-2026-5557MEDIUMbadlogic pi-mono pi-mom Slack Bot slack.ts authentication bypassEPSS 0.4%CVE-2025-31512HIGHAn issue was discovered in AlertEnterprise Guardian 4.1.14.2.2.1. One can bypass manager approval via isAddedByApprover in a Request%20BuildEPSS 0.4%CVE-2025-67998HIGHWordPress Miraculous Elementor plugin <= 2.0.7 - Broken Authentication vulnerabilityEPSS 0.4%CVE-2025-31694HIGHTwo-factor Authentication (TFA) - Moderately critical - Access bypass - SA-CONTRIB-2025-023EPSS 0.4%CVE-2023-31152MEDIUMAuthentication Bypass Using an Alternate Path or ChannelEPSS 0.4%CVE-2026-22341MEDIUMWordPress Booked plugin <= 3.0.0 - Account Takeover vulnerabilityEPSS 0.4%CVE-2025-64121CRITICALNuvation Energy Multi-Stack Controller Authentication BypassEPSS 0.4%CVE-2025-47707HIGHEnterprise MFA - TFA for Drupal - Moderately critical - Access bypass - SA-CONTRIB-2025-053EPSS 0.4%CVE-2022-36249MEDIUMShop Beat Services Vulnerable To Bypass 2FA via APIsEPSS 0.4%CVE-2026-45217MEDIUMWordPress Stripe Payment Gateway for WooCommerce plugin <= 5.0.7 - Broken Authentication vulnerabilityEPSS 0.4%CVE-2022-30623MEDIUMChcnav - P5E GNSS Authentication bypassEPSS 0.3%