Fallos del tipo CWE-862

6904 resultados
CVE-2025-14043MEDIUMTainacan <= 1.0.1 - Missing Authorization to Unauthenticated Arbitrary Metadata Section CreationEPSS 0.3%CVE-2026-2826MEDIUMKadence Blocks — Page Builder Toolkit for Gutenberg Editor <= 3.6.3 - Missing Authorization to Authenticated (Contributor+) Media UploadEPSS 0.3%CVE-2023-51537MEDIUMWordPress Awesome Support plugin <= 6.1.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-62929MEDIUMWordPress Testimonial Slider plugin <= 2.0.15 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-2821MEDIUMSearch Exclude <= 2.4.9 - Missing Authorization to Unauthenticated Plugin Settings ModificationEPSS 0.3%CVE-2025-31545MEDIUMWordPress Safe Ai Malware Protection for WP plugin <= 1.0.20 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-26955MEDIUMWordPress Industrial Lite theme <= 1.0.8 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-31584MEDIUMWordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-62927MEDIUMWordPress Nelio Content plugin <= 4.0.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-31555MEDIUMWordPress ContentMX Content Publisher plugin <= 1.0.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-31856MEDIUMWordPress Export All Post Meta Plugin <= 1.2.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-5641MEDIUMOne Click Order Re-Order <= 1.1.9 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2025-22787MEDIUMWordPress Button Block plugin <= 1.1.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-9015MEDIUMEqualize Digital Accessibility Checker <= 1.42.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Accessibility Issue Modification via edac_insert_ignore_data AJAX ActionEPSS 0.3%CVE-2025-3257MEDIUMxujiangfei admintwo updateSet cross-site request forgeryEPSS 0.3%CVE-2026-3432CRITICALSim Studio AI - Unauthenticated OAuth Token TheftEPSS 0.3%CVE-2023-52179MEDIUMWordPress Product Expiry for WooCommerce plugin <= 2.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-48758HIGHWordPress JetEngine plugin <= 3.2.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-10737HIGHSP Project & Document Manager <= 4.71 - Missing Authorization to Unauthenticated Arbitrary File Information Disclosure via view_file() FunctionEPSS 0.3%CVE-2026-0927MEDIUMKiviCare – Clinic & Patient Management System (EHR) <= 3.6.15 - Missing Authorization to Unauthenticated Limited Arbitrary File UploadEPSS 0.3%