Fallos del tipo CWE-862

7009 resultados
CVE-2025-58258MEDIUMWordPress Lazy Blocks Plugin <= 4.1.0 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-39716MEDIUMWordPress Flipmart theme <= 2.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-15320MEDIUMSipeed PicoClaw pico.go rt.ReloadConfig authorizationEPSS 0.2%CVE-2026-53439MEDIUMMissing permission checks in Jenkins 2.567 and earlier, LTS 2.555.2 and earlier allow attackers with Overall/Read permission to determine otEPSS 0.2%CVE-2025-1091MEDIUMBroken Authorization SchemaEPSS 0.2%CVE-2025-64276MEDIUMWordPress Survey Maker plugin <= 5.1.9.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32439MEDIUMWordPress BigHearts theme <= 3.1.14 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-33495MEDIUMOry Oathkeeper has an authentication bypass by usage of untrusted headerEPSS 0.2%CVE-2025-12979MEDIUMWelcart e-Commerce <= 2.11.24 - Missing Authorization to Unauthenticated Information ExposureEPSS 0.2%CVE-2026-39673MEDIUMWordPress iZooto plugin <= 3.7.20 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-11051MEDIUMSourceCodester Pet Grooming Management Software cross-site request forgeryEPSS 0.2%CVE-2025-5766MEDIUMcode-projects Laundry System cross-site request forgeryEPSS 0.2%CVE-2025-2042MEDIUMhuang-yk student-manage cross-site request forgeryEPSS 0.2%CVE-2026-32435MEDIUMWordPress VW Pet Shop theme <= 1.4.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-12891MEDIUMSurvey Maker <= 5.1.9.4 - Missing Authorization to Unauthenticated Information ExposureEPSS 0.2%CVE-2025-12042MEDIUMCourse Booking System <= 6.1.5 - Missing Authorization to Unauthenticated Booking Data ExportEPSS 0.2%CVE-2025-31609MEDIUMWordPress WPCargo Track & Trace plugin <= 8.0.2 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.2%CVE-2026-39675MEDIUMWordPress Court Reservation plugin <= 1.10.11 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32434MEDIUMWordPress VW Fitness theme <= 4.3.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39639MEDIUMWordPress RPS Include Content plugin <= 1.2.2 - Broken Access Control vulnerabilityEPSS 0.2%