Fallos del tipo CWE-862

6946 resultados
CVE-2025-9984MEDIUMFeatured Image from URL (FIFU) <= 5.2.7 - Missing Authorization to Password Protected Post DisclosureEPSS 0.3%CVE-2024-10665MEDIUMYaad Sarig Payment Gateway For WC <= 2.2.4 - Missing Authorization to Authenticated (Subscriber+) Log Read/DeletionEPSS 0.3%CVE-2025-1891MEDIUMshishuocms cross-site request forgeryEPSS 0.3%CVE-2025-4887MEDIUMSourceCodester Online Student Clearance System cross-site request forgeryEPSS 0.3%CVE-2025-15260MEDIUMMyRewards – Loyalty Points and Rewards for WooCommerce <= 5.6.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Loyalty Rule ModificationEPSS 0.3%CVE-2026-41454HIGHWeKan < 8.35 Missing Authorization via Integration REST APIEPSS 0.3%CVE-2025-23187MEDIUMMissing Authorization Check in SAP NetWeaver and ABAP Platform (SDCCN)EPSS 0.3%CVE-2026-35606MEDIUMFile Browser discloses text file content via /api/resources endpoint bypassing Perm.Download checkEPSS 0.3%CVE-2024-6155MEDIUMGreenshift – animation and page builder blocks <= 9.0.0 - Missing Authorization to Authenticated (Subscriber+) Server-Side Request Forgery and Stored Cross-Site ScriptingEPSS 0.3%CVE-2025-64179MEDIUMlakeFS: Unauthenticated access to API usage metricsEPSS 0.3%CVE-2026-28557HIGHwpForo Forum < 2.4.16 Privilege Escalation via Role Synchronization HandlerEPSS 0.3%CVE-2024-54222MEDIUMWordPress Seraphinite Accelerator plugin <= 2.22.15 - Authenticated Sensitive Data Exposure vulnerabilityEPSS 0.3%CVE-2024-9626MEDIUMEditorial Assistant by Sovrn <= 1.3.3 - Missing Authorization to Authenticated (Subscriber+) Attachment Upload and Set Post Featured ImageEPSS 0.3%CVE-2025-28997MEDIUMWordPress WP AutoKeyword plugin <= 1.0 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-23961MEDIUMWordPress WordPress Graphs & Charts Plugin <= 2.0.8 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-47469MEDIUMWordPress Media Hygiene plugin <= 4.0.0 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-24762MEDIUMWordPress TicketBAI Facturas para WooCommerce plugin <= 3.45 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-31630MEDIUMWordPress The Business <= 1.6.1 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-28995MEDIUMWordPress Viral Loops WP Integration plugin <= 3.8.1 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-46485MEDIUMWordPress WP Customize Login Page plugin <= 1.6.5 - Broken Access Control VulnerabilityEPSS 0.3%