Fallos del tipo CWE-862

6883 resultados
CVE-2024-25929MEDIUMWordPress Product Catalog Mode For Woocommerce plugin <= 5.0.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-1336MEDIUMAI ChatBot with ChatGPT and Content Generator by AYS <= 2.7.5 - Missing Authorization to Unauthenticated API Key ModificationEPSS 0.3%CVE-2026-3477MEDIUMPZ Frontend Manager <= 1.0.6 - Missing Authorization to Arbitrary User Deletion via 'dataType' ParameterEPSS 0.3%CVE-2024-25643MEDIUMMissing authorization check in SAP Fiori app (My Overtime Requests)EPSS 0.3%CVE-2025-1666MEDIUMCookie banner plugin for WordPress – Cookiebot CMP by Usercentrics <= 4.4.1 - Missing Authorization to Authenticated (Subscriber+) Survey SubmissionEPSS 0.3%CVE-2024-49321MEDIUMWordPress Simple Custom Post Order plugin <= 2.5.7 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-1813MEDIUMzj1983 zz cross-site request forgeryEPSS 0.3%CVE-2026-8681MEDIUMEssential Chat Support <= 1.0.1 - Missing Authorization to Unauthenticated Settings Reset via 'ecs_reset_settings' ParameterEPSS 0.3%CVE-2023-5331MEDIUMFile Information Leak via IDOR in file_id in Draft PostsEPSS 0.3%CVE-2026-35033CRITICALJellyfin: Potential SSRF + Arbitrary file read via stream argument injectionEPSS 0.3%CVE-2024-13449MEDIUMBoom Fest <= 2.2.1 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings UpdateEPSS 0.3%CVE-2023-29237MEDIUMWordPress Remove Duplicate Posts plugin <= 1.3.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-11724MEDIUMCookie Consent for WP – Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) <= 3.6.5 - Missing Authorization to Authenticated (Subscriber+) Whitelist ScriptEPSS 0.3%CVE-2024-9686MEDIUMOrder Notification for Telegram <= 1.0.1 - Missing Authorization to Unauthenticated Send Telegram Test MessageEPSS 0.3%CVE-2024-24711MEDIUMWordPress WooCommerce Conversion Tracking plugin <= 2.0.11 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-35448LOWWWBN AVideo Provides Unauthenticated Access to Payment Order Data via BlockonomicsYPT check.phpEPSS 0.3%CVE-2024-24719MEDIUMWordPress Kikote plugin <= 1.8.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-68039MEDIUMWordPress WP BackItUp plugin <= 2.1.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-48039MEDIUMWordPress CubeWP Framework plugin <= 1.1.15 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-68003MEDIUMWordPress Shown Connector plugin <= 1.2.10 - Settings Change vulnerabilityEPSS 0.3%