Fallos del tipo CWE-862

6860 resultados
CVE-2023-28775MEDIUMWordPress Yoast SEO Premium plugin <= 20.4 - Unauthenticated Zapier API Key Reset vulnerabilityEPSS 0.4%CVE-2023-44151MEDIUMWordPress Pre-Publish Checklist plugin <= 1.1.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-12934HIGHBeaver Builder – WordPress Page Builder <= 2.9.4.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post UpdateEPSS 0.4%CVE-2024-35662MEDIUMWordPress Simple COD Fees for WooCommerce plugin <= 2.0.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-7622MEDIUMRevision Manager TMC <= 2.8.19 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Email SendingEPSS 0.4%CVE-2024-30466MEDIUMWordPress WooCommerce Multilingual & Multicurrency plugin <= 5.3.4 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-22260MEDIUMWordPress Meta Tag Manager plugin <= 3.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-30803MEDIUMWordPress Just Writing Statistics plugin <= 5.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-32081MEDIUMWordPress Filter Custom Fields & Taxonomies Light plugin <= 1.05 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-28417MEDIUMWordPress Dynamics 365 Integration plugin <= 1.3.12 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-5453MEDIUMProfileGrid <= 5.8.6 - Missing AuthorizationEPSS 0.4%CVE-2025-24972MEDIUMDiscourse may bypass user preference when adding users to chat groupsEPSS 0.4%CVE-2025-32256MEDIUMWordPress SurveyJS plugin <= 1.12.20 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-7689HIGHHydra Booking 1.1.0 - 1.1.18 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation via tfhb_reset_password_callback FunctionEPSS 0.4%CVE-2024-8434MEDIUMEasy Mega Menu Plugin for WordPress – ThemeHunk <= 1.0.9 - Missing Authorization to Authenticated (Subscriber+) Settings UpdatesEPSS 0.4%CVE-2025-63063MEDIUMWordPress Yandex.Metrica plugin <= 1.2.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-37255MEDIUMWordPress ElementsKit Lite plugin <= 3.1.4 - Unauthenticated Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-45658HIGHWordPress Nexter theme <= 2.0.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-32624HIGHWordPress Czater.pl – live chat i telefon plugin <= 1.0.5 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.4%CVE-2024-39625MEDIUMWordPress Icegram Engage plugin <= 3.1.24 - Unauthenticated Message Duplication VulnerabilityEPSS 0.4%