Fallos del tipo CWE-862

6960 resultados
CVE-2026-1930MEDIUMEmailchef <= 3.5.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings DeletionEPSS 0.3%CVE-2025-14428MEDIUMMy Sticky Elements <= 2.3.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Bulk Lead DeletionEPSS 0.3%CVE-2025-69063HIGHWordPress New User Approve plugin <= 3.2.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-31921HIGHWordPress Product Rearrange for WooCommerce plugin <= 1.2.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-27437MEDIUMMissing Authorization check in SAP NetWeaver Application Server ABAP (Virus Scan Interface)EPSS 0.3%CVE-2026-53866HIGHOpenClaw < 2026.5.12 - Allowlist Bypass in Shell Inline-Command ParsingEPSS 0.3%CVE-2025-15115MEDIUMPetlibro Smart Pet Feeder Platform through 1.7.31 Authentication Bypass via API endpointEPSS 0.3%CVE-2025-32260MEDIUMWordPress DethemeKit For Elementor plugin <= 2.1.10 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-50026MEDIUMFrappe: Lack of permissions checks in 'relink' and 'set_email_password' endpointsEPSS 0.3%CVE-2025-39580MEDIUMWordPress Dashi plugin <= 3.1.8 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-57991MEDIUMWordPress Clariti Plugin <= 1.2.1 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-1745MEDIUMLinZhaoguan pb-cms Logout cross-site request forgeryEPSS 0.3%CVE-2025-12887MEDIUMPost SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App <= 3.6.1 - Missing Authorization to Authenticated (Subscriber+) OAuth Token UpdateEPSS 0.3%CVE-2026-25164HIGHOpenEMR's Document and Insurance REST Endpoints Skip ACLEPSS 0.3%CVE-2024-42372MEDIUMMissing Authorization check in SAP NetWeaver AS Java (System Landscape Directory)EPSS 0.3%CVE-2025-52785HIGHWordPress SMM API plugin <= 6.0.31 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-22280HIGHWordPress DefendWP Firewall Plugin <= 1.1.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-42071HIGHMantisBT: Private Bugnote Attachment Content Leak via REST APIEPSS 0.3%CVE-2025-57990MEDIUMWordPress Blog Designer Plugin <= 3.1.8 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-42226HIGHn8n: Credential Authorization Bypass in dynamic-node-parameters Allows Foreign API Key ReplayEPSS 0.3%