Fallos del tipo CWE-862

6851 resultados
CVE-2021-4445MEDIUMPremium Addons for Elementor <= 4.5.1 - Authenticated (Subscriber+) Limited Arbitrary Option UpdateEPSS 0.4%CVE-2024-1744CRITICALIDOR in Ariva Computer's Accord ORSEPSS 0.4%CVE-2023-33968MEDIUMMissing Access Control allows User to move and duplicate tasks in KanboardEPSS 0.4%CVE-2024-12427MEDIUMMulti Step Form <= 1.7.23 - Missing Authorization to Unauthenticated Limited File UploadEPSS 0.4%CVE-2023-30480MEDIUMWordPress Educenter theme <= 1.5.5 - Broken Access ControlEPSS 0.4%CVE-2024-32684MEDIUMWordPress WP Ultimate Review plugin <= 2.2.5 - Broken Access Control on Review vulnerabilityEPSS 0.4%CVE-2024-37411MEDIUMWordPress Progress Planner plugin <= 0.9.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-30950HIGHAutoGPT has Authenticated Session Hijacking via IDOREPSS 0.4%CVE-2024-3942MEDIUMMasterStudy LMS WordPress Plugin – for Online Courses and Education <= 3.3.8 - Missing AuthorizationEPSS 0.4%CVE-2025-62256MEDIUMLiferay Portal 7.4.0 through 7.4.3.109, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.7, 7.4 GA through update 92, EPSS 0.4%CVE-2023-47180MEDIUMWordPress Finale Lite – Sales Countdown Timer & Discount for WooCommerce plugin <= 2.16.0 - Arbitrary Content Deletion vulnerabilityEPSS 0.4%CVE-2024-54227MEDIUMWordPress Minimum and Maximum Quantity for WooCommerce plugin <= 2.0.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-47689MEDIUMWordPress Animator plugin <= 3.0.10 - Unauthenticated Plugin Settings Change VulnerabilityEPSS 0.4%CVE-2024-43157MEDIUMWordPress FormCraft plugin <= 1.2.10 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-33587MEDIUMWordPress Secure Copy Content Protection and Content Locking plugin <= 3.9.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-53799MEDIUMWordPress FloristPress plugin <= 7.3.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-30470MEDIUMWordPress YITH WooCommerce Account Funds Premium plugin <= 1.32.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-43154MEDIUMWordPress Advanced Cron Manager – debug & control plugin <= 2.5.9 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-43215MEDIUMWordPress Social Slider Feed plugin <= 2.2.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-13654HIGHZoxPress - The All-In-One WordPress News Theme <= 2.12.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options DeletionEPSS 0.4%