Fallos del tipo CWE-862

7035 resultados
CVE-2025-42918MEDIUMMissing Authorization check in SAP NetWeaver Application Server for ABAP (Background Processing)EPSS 0.2%CVE-2026-35662MEDIUMOpenClaw < 2026.3.22 - Missing controlScope Enforcement in Send ActionEPSS 0.2%CVE-2026-48973MEDIUMWordPress SVG Support plugin <= 2.5.14 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-14441MEDIUMPopupkit <= 2.2.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Subscriber Data DeletionEPSS 0.2%CVE-2025-62970MEDIUMWordPress Link Whisper Free plugin <= 0.9.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-0820MEDIUMRepairBuddy <= 4.1116 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Signature Upload to OrdersEPSS 0.2%CVE-2026-27055MEDIUMWordPress Penci AI SmartContent Creator plugin <= 2.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-69016MEDIUMWordPress Shortcodes and extra features for Phlox theme plugin <= 2.17.15 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-55476MEDIUMSnipe-IT: Unauthorized Asset Request Cancellation via Unguarded cancel_by_admin ParameterEPSS 0.2%CVE-2025-46255HIGHWordPress LoginWP - Pro Plugin <= 4.0.8.5 - Settings Change vulnerabilityEPSS 0.2%CVE-2026-35630HIGHOpenClaw < 2026.5.18 - QQBot Missing Approver Identity Enforcement in Native Approval ButtonsEPSS 0.2%CVE-2026-40581HIGHChurchCRM: Cross-Site Request Forgery (CSRF) in SelectDelete.php Leading to Permanent Data DeletionEPSS 0.2%CVE-2025-62980MEDIUMWordPress Persian Admnin Fonts plugin <= 4.1.03 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62966MEDIUMWordPress GoCache plugin <= 1.3.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-49874MEDIUMWordPress Arconix FAQ plugin <= 1.9.6 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-32396MEDIUMWordPress Team plugin <= 5.0.13 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-45549HIGHRoxy-WI: Authorization bypass on POST /smon/agent/action/<action> — guest can stop or restart smon-agent on any hostEPSS 0.2%CVE-2026-24946MEDIUMWordPress Print Invoice & Delivery Notes for WooCommerce plugin <= 5.8.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32421MEDIUMWordPress Post Timeline plugin <= 2.4.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-32688MEDIUMWordPress Target Video Easy Publish plugin <= 3.8.9 - Arbitrary Code Execution vulnerabilityEPSS 0.2%