Fallos del tipo CWE-862

6851 resultados
CVE-2024-38733MEDIUMWordPress Meks Video Importer plugin <= 1.0.12 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-34379MEDIUMWordPress Cart2Cart: Magento to WooCommerce Migration Plugin <= 2.0.0 is vulnerable to Broken Access ControlEPSS 0.4%CVE-2025-9747MEDIUMKoillection csrf_protection_controller.js cross-site request forgeryEPSS 0.4%CVE-2023-28168LOWWordPress WordPress Console plugin <= 0.3.9 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-23534MEDIUMWordPress WPLingo plugin <= 1.1.2 - Arbitrary Content Deletion vulnerabilityEPSS 0.4%CVE-2023-45636MEDIUMWordPress Backup & Migration plugin <= 1.4.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-34442MEDIUMWordPress weDocs plugin <= 2.1.4 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-23515MEDIUMWordPress ts-tree plugin <= 0.1.1 - Arbitrary Content Deletion vulnerabilityEPSS 0.4%CVE-2023-46632HIGHWordPress My Shortcodes plugin <= 2.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-23766MEDIUMWordPress OPSI Israel Domestic Shipments plugin <= 2.8.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-68920HIGHC-Kermit (aka ckermit) through 10.0 Beta.12 (aka 416-beta12) before 244644d allows a remote Kermit system to overwrite files on the local syEPSS 0.4%CVE-2025-23771MEDIUMWordPress Push Notification for Post and BuddyPress plugin <= 2.11 - Settings Change vulnerabilityEPSS 0.4%CVE-2025-52950MEDIUMJuniper Security Director: Insufficient authorization for multiple endpoints in web interfaceEPSS 0.4%CVE-2025-5117HIGHProperty 1.0.5 - 1.0.6 - Missing Authorization to Authenticated (Author+) Privilege Escalation via property_package_user_role Metadata in PayPal RegistrationEPSS 0.4%CVE-2024-5468MEDIUMWordPress Header Builder Plugin – Pearl <= 1.3.7 - Missing Authorization to Unauthenticated Arbitrary Site Options DeletionEPSS 0.4%CVE-2024-9697MEDIUMSocial Rocket – Social Sharing Plugin <= 1.3.4 - Missing Authorization to Settings UpdateEPSS 0.4%CVE-2025-8322HIGHVentem|e-School - Missing AuthorizationEPSS 0.4%CVE-2023-4700LOWMissing Authorization in GitLabEPSS 0.4%CVE-2022-31597Within SAP S/4HANA - versions S4CORE 101, 102, 103, 104, 105, 106, SAPSCORE 127, the application business partner extension for Spain/SlovakEPSS 0.4%CVE-2025-26960MEDIUMWordPress Small Package Quotes – Unishippers Edition plugin <= 2.4.9 - Broken Access Control vulnerabilityEPSS 0.4%