Fallos del tipo CWE-862

6883 resultados
CVE-2025-68039MEDIUMWordPress WP BackItUp plugin <= 2.1.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-13203MEDIUMkurniaramadhan E-Commerce-PHP cross-site request forgeryEPSS 0.3%CVE-2025-68003MEDIUMWordPress Shown Connector plugin <= 1.2.10 - Settings Change vulnerabilityEPSS 0.3%CVE-2025-39413MEDIUMWordPress Simple Sitemap – Create a Responsive HTML Sitemap plugin <= 3.6.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-30216MEDIUMMissing Authorization check in SAP S/4 HANA (Cash Management)EPSS 0.3%CVE-2024-30217MEDIUMMissing Authorization check in SAP S/4 HANA (Cash Management)EPSS 0.3%CVE-2026-22459MEDIUMWordPress WordPress CTA plugin <= 2.1.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-26750MEDIUMWordPress Vitepos Plugin <= 3.1.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-24139HIGHMyTube Allows Unauthorized Database Export by Guest UsersEPSS 0.3%CVE-2024-22151MEDIUMWordPress Import and export users and customers plugin <= 1.24.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-31826HIGHSkyscreamer Open Source Nevado JMS v1.3.2 does not perform security checks when receiving messages. This allows attackers to execute arbitraEPSS 0.3%CVE-2023-45633MEDIUMWordPress IMPress Listings plugin <= 2.6.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-1084MEDIUMMindskip xzs-mysql 学之思开源考试系统 cross-site request forgeryEPSS 0.3%CVE-2024-41624MEDIUMIncorrect access control in Himalaya Xiaoya nano smart speaker rom_version 1.6.96 allows a remote attacker to have an unspecified impact.EPSS 0.3%CVE-2024-5674MEDIUMNewsletter - API v1 and v2 addon for Newsletter <= 2.4.5 - Missing Authorization to Email Subscribers ManagementEPSS 0.3%CVE-2024-6755MEDIUMSocial Auto Poster <= 5.3.14 - Missing Authorization to Unauthenticated Arbitrary Post DeletionEPSS 0.3%CVE-2025-46823HIGHOpenMRS has Vulnerability in FHIR2 Module PrivilegesEPSS 0.3%CVE-2024-12781MEDIUMAurum - WordPress & WooCommerce Shopping Theme <= 4.0.2 - Missing Authorization to Authenticated (Subscriber+) Demo Content ImportEPSS 0.3%CVE-2026-44994MEDIUMOpenClaw < 2026.4.22 - Authentication Bypass in Gateway Control UI Bootstrap Config EndpointEPSS 0.3%CVE-2025-49913MEDIUMWordPress CoSchedule plugin <= 3.4.0 - Broken Access Control vulnerabilityEPSS 0.3%