Fallos del tipo CWE-862

6863 resultados
CVE-2024-1337MEDIUMSKT Page Builder <= 4.1 - Missing Authorization to Authenticated(Subscriber+) Content InjectionEPSS 0.3%CVE-2024-3249MEDIUMZita Elementor Site Library <= 1.6.2 - Missing Authorization to Page Creation and Options ModificationEPSS 0.3%CVE-2023-46073MEDIUMWordPress DX Delete Attached Media plugin <= 2.0.5.1 - Broken Access Control vulnerability + CSRFEPSS 0.3%CVE-2026-25517MEDIUMWagtail has improper permission handling on admin preview endpointsEPSS 0.3%CVE-2026-3266HIGHImproper access control vulnerability has been discovered in OpenText™ Filr.EPSS 0.3%CVE-2025-22657HIGHWordPress Atarim plugin <= 4.0.9 - Arbitrary Content Deletion vulnerabilityEPSS 0.3%CVE-2024-31281MEDIUMWordPress Church Admin plugin <= 4.1.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-45050HIGHRinger Server Does Not Check Members When Loading MessagesEPSS 0.3%CVE-2025-37087CRITICALA vulnerability in the cmdb service of the HPE Performance Cluster Manager (HPCM) could allow an attacker to gain access to an arbitrary filEPSS 0.3%CVE-2026-3480MEDIUMWP Blockade <= 0.9.14 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Shortcode Execution via 'shortcode' ParameterEPSS 0.3%CVE-2025-64349HIGHELOG user profile missing authorizationEPSS 0.3%CVE-2026-53816HIGHOpenClaw < 2026.5.18 - Exec Lifecycle Event Forgery via Paired NodeEPSS 0.3%CVE-2025-1643MEDIUMBenner ModernaNet SG_AlterarSenha cross-site request forgeryEPSS 0.3%CVE-2026-24525MEDIUMWordPress CLP Varnish Cache plugin <= 1.0.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-66122MEDIUMWordPress Stylish Price List plugin <= 7.2.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-24566MEDIUMWordPress iNET Webkit plugin <= 1.2.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-14982MEDIUMBooking Calendar <= 10.14.11 - Missing Authorization to Sensitive Information ExposureEPSS 0.3%CVE-2024-20463MEDIUMCisco ATA 190 Series Analog Telephone Adapter Firmware Command Injection and Denial of Service VulnerabilityEPSS 0.3%CVE-2025-59827HIGHFlagForgeCTF is Missing Authorization in main-v2EPSS 0.3%CVE-2025-52731HIGHWordPress WordPress Event Manager, Event Calendar and Booking Plugin Plugin <= 4.0.24 - Arbitrary Content Deletion VulnerabilityEPSS 0.3%