Fallos del tipo CWE-862

6877 resultados
CVE-2024-2298MEDIUMaffiliate-toolkit – WordPress Affiliate Plugin <= 3.5.4 - Missing Authorization via atkp_import_productEPSS 0.3%CVE-2023-45370An issue was discovered in the SportsTeams extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.EPSS 0.3%CVE-2026-27471CRITICALERP: Document access through endpoints due to missing validationEPSS 0.3%CVE-2023-36695MEDIUMWordPress Sublanguage plugin <= 2.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-12249MEDIUMGS Insever Portfolio <= 1.4.5 - Missing Authorization to Authenticated (Subscriber+) CSS InjectionEPSS 0.3%CVE-2025-13384HIGHCP Contact Form with PayPal <= 1.3.56 - Missing Authorization to Unauthenticated Arbitrary Payment ConfirmationEPSS 0.3%CVE-2026-40623HIGHSenseLive X3050 Missing AuthorizationEPSS 0.3%CVE-2025-26944HIGHWordPress JetPopup plugin <= 2.0.11 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2024-34435MEDIUMWordPress Aiomatic plugin <= 1.9.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-35727MEDIUMWordPress Extra Product Options for WooCommerce plugin <= 3.0.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-12618MEDIUMNewsletter2Go <= 4.0.14 - Missing Authorization to Authenticated (Subscriber+) Style ResetEPSS 0.3%CVE-2024-31267MEDIUMWordPress Flexible Checkout Fields for WooCommerce plugin <= 4.1.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-1804MEDIUMTutor LMS – Migration Tool <= 2.2.0 - Missing Authorization in tutor_import_from_xmlEPSS 0.3%CVE-2024-31261MEDIUMWordPress Announcer – Notification & message bars plugin <= 6.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-26942HIGHWordPress JetTricks plugin <= 1.5.1 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-32817CRITICALAdmidio is Missing Authorization and CSRF Protection on Document and Folder DeletionEPSS 0.3%CVE-2026-22479HIGHWordPress Easy Post Submission plugin <= 2.4.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-30537MEDIUMWordPress WPC Badge Management for WooCommerce plugin <= 2.4.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-47619MEDIUMWordPress 6Storage Rentals plugin <= 2.20.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-31423MEDIUMWordPress WP Accessibility Helper (WAH) plugin <= 0.6.2.5 - Broken Access Control vulnerabilityEPSS 0.3%