Fallos del tipo CWE-862

6931 resultados
CVE-2025-4046HIGHMissing Authorization in Lexmark Cloud Services badge managementEPSS 0.3%CVE-2025-69385MEDIUMWordPress Cartify - WooCommerce Gutenberg WordPress Theme theme <= 1.3 - Arbitrary Content Deletion vulnerabilityEPSS 0.3%CVE-2023-25997MEDIUMWordPress Sola Support Ticket <= 3.17 - Arbitrary Content Deletion VulnerabilityEPSS 0.3%CVE-2026-46645MEDIUMSQLAdmin: Authorization Bypass on `ajax_lookup`EPSS 0.3%CVE-2026-40773MEDIUMWordPress rtMedia for WordPress, BuddyPress and bbPress plugin <= 4.7.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-28038MEDIUMWordPress Ultimate Addons for WPBakery Page Builder plugin <= 3.21.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-22696MEDIUMWordPress Document Block – Upload & Embed Docs, PDF, PPT, XLS or Any Documents plugin <= 1.1.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-69303HIGHWordPress ModelTheme Framework plugin < 2.0.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-24382HIGHWordPress News Magazine X theme <= 1.2.50 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-22299MEDIUMWordPress AI for SEO plugin <= 1.2.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-12033MEDIUMJupiter X Core <= 4.8.5 - Missing Authorization to Authenticated Library SyncEPSS 0.3%CVE-2026-44719MEDIUMMathesar: Missing collaborator checks allowed access to database-scoped Mathesar metadataEPSS 0.3%CVE-2024-35692MEDIUMWordPress GDPR/CCPA Cookie Consent Banner plugin <= 3.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-44718MEDIUMMathesar: Missing collaborator checks allowed access to saved explorations in other databasesEPSS 0.3%CVE-2026-30889MEDIUMDiscourse has Unauthorized Post Data Exposure in discourse-user-notesEPSS 0.3%CVE-2025-49509MEDIUMWordPress Audio Editor & Recorder plugin <= 2.2.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-48881CRITICALWordPress TrueBooker plugin <= 1.1.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-54847HIGHWordPress Stylish Cost Calculator plugin <= 8.3.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-3475MEDIUMInstant Popup Builder <= 1.1.7 - Unauthenticated Arbitrary Shortcode Execution via 'token' ParameterEPSS 0.3%CVE-2026-54846HIGHWordPress Syncee Premium Dropshipping & Wholesale plugin <= 1.0.27 - Broken Access Control vulnerabilityEPSS 0.3%