Fallos del tipo CWE-862

6861 resultados
CVE-2025-6721MEDIUMVchasno Kasa <= 1.0.3 - Missing Authorization to Unauthenticated Invoice GenerationEPSS 0.3%CVE-2026-5371HIGHMonsterInsights <= 10.1.2 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure And Plugin Integration ResetEPSS 0.3%CVE-2024-43229MEDIUMWordPress WP Search Analytics plugin <= 1.4.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-31872MEDIUMWordPress WP Clone any post type Plugin <= 3.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-53798MEDIUMWordPress FloristPress plugin <= 7.3.0 - Nonce Leakage to Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-54415HIGHBroken Access Control in Azuriom CMS Server Routes Allows Account TakeoverEPSS 0.3%CVE-2023-25446HIGHWordPress HappyFiles Pro plugin <= 1.8.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-32268HIGHAzure Blob Storage for Craft CMS Potential Sensitive Information Disclosure vulnerabilityEPSS 0.3%CVE-2026-4916LOWMissing Authorization in GitLabEPSS 0.3%CVE-2025-22608MEDIUMCoolify Vulnerable to Revocation of Arbitrary Team Invitations (DOS)EPSS 0.3%CVE-2026-9175MEDIUMDevs Accounting <= 1.2.0 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'id' ParameterEPSS 0.3%CVE-2025-24751MEDIUMWordPress CoBlocks plugin <= 3.1.13 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-31066MEDIUMWordPress Acerola theme <= 1.6.5 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-58629HIGHWordPress Miraculous theme < 2.0.9 - Arbitrary Content Deletion vulnerabilityEPSS 0.3%CVE-2023-34003MEDIUMWordPress WooCommerce Box Office plugin <= 1.1.51 - Unauthenticated Save Ticket Barcode vulnerabilityEPSS 0.3%CVE-2025-31794MEDIUMWordPress WR Price List Manager For Woocommerce plugin <= 1.0.8 - Arbitrary Content Deletion vulnerabilityEPSS 0.3%CVE-2024-43937MEDIUMWordPress WP Crowdfunding plugin <= 2.1.10 - Settings Change vulnerabilityEPSS 0.3%CVE-2024-47330MEDIUMBroken Access Control vulnerability on multiple WordPress plugins by SupsysticEPSS 0.3%CVE-2021-24836Temporary Login Without Password < 1.7.1 - Subscriber+ Plugin's Settings UpdateEPSS 0.3%CVE-2026-9178HIGHWP Forms Connector <= 1.8 - Missing Authorization to Unauthenticated Information Exposure via 'user/list' REST EndpointEPSS 0.3%