Fallos del tipo CWE-862

6852 resultados
CVE-2023-29422MEDIUMWordPress Dynamics 365 Integration plugin <= 1.3.13 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-37439MEDIUMWordPress Uncanny Toolkit Pro for LearnDash plugin < 4.1.4.1 - Subscriber+ Arbitrary Post/Page Duplication vulnerabilityEPSS 0.4%CVE-2024-31304HIGHWordPress MultiVendorX Marketplace <= 4.1.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-47836MEDIUMWordPress WP Meta and Date Remover plugin <= 2.3.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-49581MEDIUMAccess control issue impacting RV backed objectsEPSS 0.4%CVE-2023-49850MEDIUMWordPress WP Simple HTML Sitemap plugin <= 2.7 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-43270MEDIUMWordPress Backup and Restore WordPress plugin <= 1.50 - Unauthenticated Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-37207MEDIUMWordPress Demo Awesome plugin <= 1.0.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-37926MEDIUMWordPress WP Accessibility Helper (WAH) plugin <= 0.6.2.9 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-0900MEDIUMElespare – Build Your Blog, News & Magazine Websites with Expert-Designed Template Kits. One Click Import: No Coding Skills Required! <= 2.1.2 - Missing Authorization to Subscriber+ Arbitrary Post CreationEPSS 0.4%CVE-2024-3609MEDIUMReviewX – Multi-criteria Rating & Reviews for WooCommerce <= 1.6.27 - Missing AuthorizationEPSS 0.4%CVE-2021-24790Contact Form Advanced Database <= 1.0.8 - Unauthorised AJAX CallsEPSS 0.4%CVE-2023-52183MEDIUMWordPress WordPress Backup & Migration plugin <= 1.4.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-11807CRITICALEda-server: websocket missing authorization allows credential theft via activation_id spoofingEPSS 0.4%CVE-2025-66735HIGHyoulai-boot V2.21.1 is vulnerable to Incorrect Access Control. The getRoleForm function in SysRoleController.java does not perform permissioEPSS 0.4%CVE-2022-3337MEDIUMLock WARP switch bypass by removing VPN profile on iOS mobile clientEPSS 0.4%CVE-2022-3321MEDIUMLock WARP switch feature bypass on WARP mobile client for iOSEPSS 0.4%CVE-2024-21417HIGHWindows Text Services Framework Elevation of Privilege VulnerabilityEPSS 0.4%CVE-2024-20442MEDIUMCisco Nexus Dashboard Unauthorized API Endpoints VulnerabilityEPSS 0.4%CVE-2023-48775MEDIUMWordPress WP CleanFix plugin <= 5.6.2 - Broken Access Control vulnerabilityEPSS 0.4%