Fallos del tipo CWE-862

7019 resultados
CVE-2025-58599MEDIUMWordPress Order Delivery Date for WooCommerce Plugin <= 4.1.0 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-9202MEDIUMColorMag <= 4.0.19 - Missing Authorization to Authenticated (Subscriber+) ThemeGrill Demo Importer Plugin InstallationEPSS 0.2%CVE-2025-53236MEDIUMWordPress UDesign Core plugin <= 4.14.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-58664MEDIUMWordPress Text To Speech TTS Accessibility plugin <= 1.9.30 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-58783MEDIUMWordPress Gutentor plugin <= 3.5.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-60123MEDIUMWordPress HivePress Claim Listings plugin <= 1.1.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-15445MEDIUMRestaurant Cafeteria <= 0.4.6 - Subscriber+ Arbitrary Plugin Installation/ActivationEPSS 0.2%CVE-2025-58251MEDIUMWordPress Sticky Header Effects for Elementor Plugin <= 2.1.2 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-43567HIGHOpenClaw < 2026.4.10 - Path Traversal in screen_record outPath ParameterEPSS 0.2%CVE-2025-58813MEDIUMWordPress Consultstreet Theme <= 3.0.0 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-58824MEDIUMWordPress Shk Corporate Theme <= 2.4.1.1 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-53343MEDIUMWordPress Modernize Theme <= 3.4.0 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-58622MEDIUMWordPress Mobile Contact Line Plugin <= 2.4.0 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-14357MEDIUMMega Store Woocommerce <= 5.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Page Creation and Settings ChangeEPSS 0.2%CVE-2025-58594MEDIUMWordPress Brizy Plugin <= 2.7.12 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-58817MEDIUMWordPress SoftMe Theme <= 1.1.27 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-2559MEDIUMPost SMTP <= 3.8.0 - Missing Authorization to Authenticated (Subscriber+) Office 365 OAuth Configuration OverwriteEPSS 0.2%CVE-2026-60124MEDIUMMISP importModule missing authorization allows read-only users to modify events via misp_standard importsEPSS 0.2%CVE-2025-60143MEDIUMWordPress Netgsm plugin <= 2.9.69 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-2900LOWMissing Authorization in GitLabEPSS 0.2%