Fallos del tipo CWE-862

6872 resultados
CVE-2024-1438HIGHWordPress Rolo Slider plugin <= 1.0.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-32094MEDIUMWordPress Extended Post Status plugin <= 1.0.19 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-52485MEDIUMWordPress WP Menu Image plugin <= 2.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-49925HIGHWordPress WPLMS plugin <= 1.9.9.7 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-34800HIGHWordPress Crafthemes Demo Import plugin <= 3.3 - Arbitrary plugin Installation vulnerabilityEPSS 0.3%CVE-2025-54040MEDIUMWordPress Webba Booking <= 5.1.20 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2023-31234MEDIUMWordPress Tilda Publishing plugin <= 0.3.23 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-13459MEDIUMJetFormBuilder <= 3.6.3 - Missing Authorization to Unauthenticated Sensitive Information Disclosure via 'context' ParameterEPSS 0.3%CVE-2025-48246MEDIUMWordPress The Events Calendar plugin <= 6.11.2.1 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-10186MEDIUMWhyDonate – FREE Donate button – Crowdfunding – Fundraising <= 4.0.15 - Missing Authorization to Unauthenticated wp_wdplugin_style Rww DeletionEPSS 0.3%CVE-2025-11985HIGHRealty Portal <= 0.4.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options UpdateEPSS 0.3%CVE-2026-49367HIGHIn JetBrains IntelliJ IDEA before 2026.1.1 command execution was possible via the guest user accountEPSS 0.3%CVE-2024-37440MEDIUMWordPress Church Admin plugin <= 4.4.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-67942MEDIUMWordPress Peach Payments Gateway plugin <= 3.3.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-62046MEDIUMWordPress TheGem Demo Import (for WPBakery) plugin <= 5.10.5 - Arbitrary Content Deletion vulnerabilityEPSS 0.3%CVE-2018-25391HIGHHaPe PKH 1.1 Missing Authorization Allows Unauthenticated Record DeletionEPSS 0.3%CVE-2024-21751MEDIUMWordPress RabbitLoader plugin <= 2.19.13 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-11743MEDIUMSourceCodester Best House Rental Management System POST Request ajax.php cross-site request forgeryEPSS 0.3%CVE-2026-4666MEDIUMwpForo Forum <= 2.4.16 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Forum Post Modification via 'guestposting' ParameterEPSS 0.3%CVE-2026-44329CRITICALfree5GC: SMF UPI management interface lacks auth middleware; unauthenticated topology read/write requests reach handlersEPSS 0.3%