Fallos del tipo CWE-862

6960 resultados
CVE-2023-22836LOWIn cases where a multi-tenant stack user is operating Foundry’s Linter service, and the user changes the linter name from the default value, the renamed value may be visible to the rest of the stack’s tenants.EPSS 0.3%CVE-2026-24575MEDIUMWordPress WishList Member X plugin <= 3.29.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-22770MEDIUMWordPress Envo Multipurpose theme <= 1.1.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-10313HIGHFind And Replace content for WordPress <= 1.1 - Missing Authorization to Unauthenticated Stored Cross-Site ScriptingEPSS 0.3%CVE-2025-4571MEDIUMGiveWP – Donation Plugin and Fundraising Platform <= 4.3.0 - Missing Authorization To Authenticated (Contributor+) Campaign Data View And ModificationEPSS 0.3%CVE-2026-56250HIGHCapgo - Arbitrary R2 Object Deletion via Mutable r2_path in app_versionsEPSS 0.3%CVE-2024-11929MEDIUMResponsive FlipBook Plugin Wordpress <= 2.5.0 - Authenticated (Subscriber+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2025-58222MEDIUMWordPress Team Manager plugin <= 2.5.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-24747MEDIUMWordPress Houzez theme <= 3.4.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-8682MEDIUMJNews - WordPress Newspaper Magazine Blog AMP Theme <= 11.6.6 - Unauthorized User RegistrationEPSS 0.3%CVE-2023-20064MEDIUMCisco IOS XR Software Bootloader Unauthenticated Information Disclosure VulnerabilityEPSS 0.3%CVE-2025-65089MEDIUMXWiki view file macro: User can view content of office file without view rights on the attachmentEPSS 0.3%CVE-2026-5488MEDIUMExactMetrics <= 9.1.2 - Authenticated (Subscriber+) Missing Authorization to Google Ads Access Token Retrieval via AJAX Action 'exactmetrics_ads_get_token'EPSS 0.3%CVE-2025-57976MEDIUMWordPress CardCom Payment Gateway plugin <= 3.5.0.7 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-39351MEDIUMFrappe allows unrestricted Doctype access via API exploitEPSS 0.3%CVE-2025-57971MEDIUMWordPress SALESmanago Plugin <= 3.8.1 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-7040HIGHCloud SAML SSO <= 1.0.19 - Missing Authorization to Unauthenticated Settings Modification via set_organization_settings ActionEPSS 0.3%CVE-2025-0955MEDIUMVidoRev Extensions <= 2.9.9.9.9.9.5 - Missing Authorization to Unauthenticated Youtube Video ImportEPSS 0.3%CVE-2025-1285MEDIUMResido - Real Estate WordPress Theme <= 3.6 - Missing Authorization to Unauthenticated Server-Side Request Forgery and API Key Settings UpdateEPSS 0.3%CVE-2025-60159MEDIUMWordPress Nota Fiscal Eletrônica WooCommerce plugin <= 3.4.0.9 - Broken Access Control vulnerabilityEPSS 0.3%