Fallos del tipo CWE-639

1581 resultados
CVE-2026-22400MEDIUMWordPress Holmes theme <= 1.7 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.2%CVE-2026-22398MEDIUMWordPress Fleur theme <= 2.0 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.2%CVE-2026-39526MEDIUMWordPress WpStream plugin < 4.11.2 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.2%CVE-2026-22391MEDIUMWordPress Cocco theme <= 1.5.1 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.2%CVE-2025-13157MEDIUMQODE Wishlist for WooCommerce <= 1.2.7 - Unauthenticated Insecure Direct Object Reference to Wishlist UpdateEPSS 0.2%CVE-2026-22426MEDIUMWordPress Sweet Jane theme <= 1.2 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.2%CVE-2026-22430MEDIUMWordPress Verdure theme <= 1.6 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.2%CVE-2025-68044HIGHWordPress Five Star Restaurant Reservations plugin <= 2.7.4 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.2%CVE-2025-66123MEDIUMWordPress BookPro plugin <= 1.1.0 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.2%CVE-2026-57630MEDIUMWordPress Blocksy Companion Pro plugin <= 2.1.46 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.2%CVE-2026-2257MEDIUMGetGenie <= 4.3.2 - Insecure Direct Object Reference to Authenticated (Author+) Stored Cross-Site Scripting via REST APIEPSS 0.2%CVE-2026-56215HIGHCapgo - Account Merge via Poisoned public.users.email in SSO ProvisioningEPSS 0.2%CVE-2025-15657MEDIUMWordPress School Management plugin <= 93.1.0 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.2%CVE-2026-34370MEDIUMChamilo LMS: IDOR in the Notebook Module allows an attacker to view other users' private notesEPSS 0.2%CVE-2025-14881LOWInsecure direct object referenceEPSS 0.2%CVE-2026-42515HIGHInsecure Direct Object Reference (IDOR) Vulnerability in e-Sushrut HMISEPSS 0.2%CVE-2026-54016MEDIUMOpen WebUI: Open WebUI BOLA: `search_knowledge_files` Allows Unauthorized Knowledge Base File EnumerationEPSS 0.2%CVE-2026-42516HIGHBroken Access Control Vulnerability in e-Sushrut HMISEPSS 0.2%CVE-2025-66558LOWNextcloud Twofactor WebAuthn app was updated based on public keyEPSS 0.2%CVE-2026-42517HIGHCryptographic Failure Vulnerability in e-Sushrut HMISEPSS 0.2%