Fallos del tipo CWE-862

6854 resultados
CVE-2026-44560MEDIUMOpen WebUI: Unauthorized File and Knowledge Base Content Access via RAG Vector SearchEPSS 0.4%CVE-2025-24607MEDIUMWordPress IdeaPush plugin <= 8.71 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-5318MEDIUMMissing Authorization in GitLabEPSS 0.4%CVE-2024-11583MEDIUMBorderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg <= 1.5.9 - Missing Authorization to Icon Font DeletionEPSS 0.4%CVE-2025-24649MEDIUMWordPress Admin and Site Enhancements (ASE) Plugin <= 7.6.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2019-14822A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus oEPSS 0.4%CVE-2025-47558HIGHWordPress MapSVG plugin < 8.6.13 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-1937HIGHBrizy – Page Builder <= 2.4.44 - Missing Authorization to Authenticated (Contributor+) Post ModificationEPSS 0.4%CVE-2025-11380MEDIUMEverest Backup <= 2.3.5 - Missing Authorization to Unauthenticated Information ExposureEPSS 0.4%CVE-2024-5997MEDIUMDuplica <= 0.6 - Authenticated (Subscriber+) Missing Authorization to Users/Posts Duplicates CreationEPSS 0.4%CVE-2024-35661MEDIUMWordPress Upload Fields for WPForms plugin <= 1.0.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-43331MEDIUMWordPress WP SMS plugin <= 6.9.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-32799MEDIUMWordPress Easy Property Listings plugin <= 3.5.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-26953HIGHWordPress JetMenu plugin <= 2.4.9 - Broken Access Control VulnerabilityEPSS 0.4%CVE-2023-51494MEDIUMWordPress WooCommerce Product Vendors plugin <= 2.2.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-6253HIGHUiCore Elements <= 1.3.0 - Missing Authorization to Unauthenticated Arbitrary File ReadEPSS 0.4%CVE-2026-30885MEDIUMWWBN AVideo - Unauthenticated IDOR - Playlist Information DisclosureEPSS 0.4%CVE-2024-33545MEDIUMWordPress WZone plugin <= 14.0.10 - Unauthenticated Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-31421MEDIUMWordPress Popup by Supsystic plugin <= 1.10.27 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-29000HIGHWordPress Multi-language Responsive Contact Form plugin <= 2.8 - Broken Access Control VulnerabilityEPSS 0.4%