Fallos del tipo CWE-862

7059 resultados
CVE-2026-24580MEDIUMWordPress Ecwid Shopping Cart plugin <= 7.0.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-24940MEDIUMWordPress Travelfic Toolkit plugin <= 1.3.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-24368MEDIUMWordPress The Grid plugin < 2.8.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25393MEDIUMWordPress Hello FSE theme <= 1.0.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-24579MEDIUMWordPress Ai Image Alt Text Generator for WP plugin <= 1.1.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-24571MEDIUMWordPress BOX NOW Delivery plugin <= 3.0.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25416MEDIUMWordPress News Kit Elementor Addons plugin <= 1.4.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-6730MEDIUMBonanza – WooCommerce Free Gifts Lite <= 1.0.0 - Missing Authorization to Authenticated (Subscriber+) Opt In SuccessEPSS 0.2%CVE-2026-42522MEDIUMA missing permission check in Jenkins GitHub Branch Source Plugin 1967.vdea_d580c1a_b_a_ and earlier allows attackers with Overall/Read permEPSS 0.2%CVE-2025-11257MEDIUMLLM Hubspot Blog Import <= 1.0.1 - Missing Authorization to Authenticated (Subscriber+) Hubspot ImportEPSS 0.2%CVE-2025-64681LOWIn JetBrains Hub before 2025.3.104992 a race condition allowed bypass of the user limit via invitationsEPSS 0.2%CVE-2025-69093MEDIUMWordPress ShopMagic plugin <= 4.7.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-64265MEDIUMWordPress Frontend File Manager plugin <= 23.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-12389MEDIUMImport Export For WooCommerce <= 1.6.2 - Missing Authorization to Authenticated (Subscriber+) Settings UpdateEPSS 0.2%CVE-2025-12014MEDIUMNGINX Cache Optimizer <= 1.1 - Missing Authorization to Authenticated (Subscriber+) Dynamic Caching Exclusion UpdateEPSS 0.2%CVE-2026-39488MEDIUMWordPress SureCart plugin <= 4.0.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-57721MEDIUMWordPress ApplyOnline plugin <= 2.6.7.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-12370MEDIUMTakeads <= 1.0.13 - Missing Authorization to Plugin Settings DeletionEPSS 0.2%CVE-2026-39651MEDIUMWordPress Total Poll Lite plugin <= 4.12.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-57760MEDIUMWordPress Sendcloud Shipping plugin <= 1.0.29 - Broken Access Control vulnerabilityEPSS 0.2%