Fallos del tipo CWE-862

6917 resultados
CVE-2026-25317HIGHWordPress Print Invoice & Delivery Notes for WooCommerce plugin <= 5.9.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-23440MEDIUMWordPress radSLIDE plugin <= 2.1 - Broken Access Control to Stored Cross-Site Scripting vulnerabilityEPSS 0.3%CVE-2025-49241MEDIUMWordPress oik plugin <= 4.15.1 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2023-6748MEDIUMCustom Field Template <= 2.6.1 - Authenticated(Contributor+) Information ExposureEPSS 0.3%CVE-2026-6506HIGHInfusedWoo Pro <= 5.1.2 - Authenticated (Subscriber+) Missing Authorization to Privilege Escalation via Arbitrary User Meta UpdateEPSS 0.3%CVE-2025-32308HIGHWordPress Team Builder plugin <= 1.5.7 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-24763MEDIUMWordPress bbPress API plugin <= 1.0.14 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2023-45272MEDIUMWordPress 10Web Map Builder for Google Maps plugin <= 1.0.73 - Notice Dismissal VulnerabilityEPSS 0.3%CVE-2025-30945MEDIUMWordPress Taskbuilder plugin <= 4.0.7 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2020-15247MEDIUMTwig Sandbox Escape by authenticated users with access to editing CMS templates when safemode is enabled.EPSS 0.3%CVE-2025-47457MEDIUMWordPress LocateAndFilter plugin <= 1.6.16 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-52878MEDIUMIn JetBrains TeamCity before 2025.03.3 usernames were exposed to the users without proper permissionsEPSS 0.3%CVE-2026-44562MEDIUMOpen WebUI: Model Import Overwrites Any Model Without Ownership CheckEPSS 0.3%CVE-2026-8976MEDIUMRSS Aggregator by Feedzy <= 5.1.7 - Missing Authorization to Authenticated (Contributor+) Import Job Creation, Execution, Purge, Log Clearing, and Information Disclosure via Multiple AJAX Sub-ActionsEPSS 0.3%CVE-2025-11191MEDIUMRealPress < 1.1.0 - Unauthenticated Content Creation/Email Sending via RESTEPSS 0.3%CVE-2026-49948HIGHMem0 0.2.8 Missing Authorization via POST /configure EndpointEPSS 0.3%CVE-2025-47485MEDIUMWordPress Cozy Blocks plugin <= 2.1.22 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-47634MEDIUMWordPress WC Pickup Store plugin <= 1.8.9 - Settings Change VulnerabilityEPSS 0.3%CVE-2025-49268MEDIUMWordPress Verge3D plugin <= 4.9.4 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-31581MEDIUMWordPress WP Video Playlist plugin <= 1.1.2 - Settings Change vulnerabilityEPSS 0.3%