Fallos del tipo CWE-862

7035 resultados
CVE-2026-21429LOWEmlog has Broken Access Control (BAC)EPSS 0.2%CVE-2025-64211MEDIUMWordPress Masterstudy Elementor Widgets plugin <= 1.2.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-53217HIGHWordPress AIO WP Builder Plugin <= 2.0.2 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-1832MEDIUMThriveDesk <= 2.1.7 - Missing Authorization to Authenticated (Subscriber+) Cache DeletionEPSS 0.2%CVE-2025-68042MEDIUMWordPress Travelpayouts plugin <= 1.2.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-4298MEDIUMDSGVO All in one for WP <= 4.9 - Missing Authorization to Authenticated (Subscriber+) Settings ResetEPSS 0.2%CVE-2025-13403MEDIUMEmployee Spotlight – Team Member Showcase & Meet the Team Plugin <= 5.1.3 - Missing Authorization to Authenticated (Subscriber+) Tracking Opt-In/Opt-Out ModificationEPSS 0.2%CVE-2025-6478MEDIUMCodeAstro Expense Management System cross-site request forgeryEPSS 0.2%CVE-2026-5022MEDIUMLangflow - Missing Authorization on download_image EndpointEPSS 0.2%CVE-2025-64257MEDIUMWordPress My Tickets plugin <= 2.1.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-12091MEDIUMSearch, Filters & Merchandising for WooCommerce <= 3.0.67 - Missing Authorization to Authenticated (Subscriber+) Plugin DeactivationEPSS 0.2%CVE-2025-62914MEDIUMWordPress Effect Maker plugin <= 1.2.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66528MEDIUMWordPress Thank You Page Customizer for WooCommerce plugin <= 1.1.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-67468MEDIUMWordPress Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms plugin <= 1.4.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-14045MEDIUMURL Media Uploader <= 1.0.1 - Missing Authorization to Authenticated (Contributor+) Safe File UploadEPSS 0.2%CVE-2025-48139MEDIUMWordPress StyleAI plugin <= 1.0.4 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-54734MEDIUMWordPress B Slider Plugin <= 1.1.30 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-57720MEDIUMWordPress ThumbPress plugin <= 6.3.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2023-42896MEDIUMAn issue was addressed with improved handling of temporary files. This issue is fixed in macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17EPSS 0.2%CVE-2025-54714HIGHWordPress Zephyr Project Manager Plugin <= 3.3.201 - Broken Access Control VulnerabilityEPSS 0.2%