Fallos del tipo CWE-862

7059 resultados
CVE-2026-39488MEDIUMWordPress SureCart plugin <= 4.0.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-64681LOWIn JetBrains Hub before 2025.3.104992 a race condition allowed bypass of the user limit via invitationsEPSS 0.2%CVE-2026-42522MEDIUMA missing permission check in Jenkins GitHub Branch Source Plugin 1967.vdea_d580c1a_b_a_ and earlier allows attackers with Overall/Read permEPSS 0.2%CVE-2026-57760MEDIUMWordPress Sendcloud Shipping plugin <= 1.0.29 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39651MEDIUMWordPress Total Poll Lite plugin <= 4.12.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-11255MEDIUMPassword Policy Manager | Password Manager <= 2.0.5 - Missing Authorization to Authenticated (Subscriber+) Configuration Log OutEPSS 0.2%CVE-2025-11257MEDIUMLLM Hubspot Blog Import <= 1.0.1 - Missing Authorization to Authenticated (Subscriber+) Hubspot ImportEPSS 0.2%CVE-2025-13722MEDIUMFluent Forms <= 6.1.7 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Form Creation via AI BuilderEPSS 0.2%CVE-2024-39546HIGHJunos OS Evolved: Local low-privilege user can gain root permissions leading to privilege escalationEPSS 0.2%CVE-2025-67599MEDIUMWordPress WebToffee eCommerce Marketing Automation plugin <= 2.1.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-67580MEDIUMWordPress Constant Contact + WooCommerce plugin <= 2.4.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32445LOWWordPress Elementor Website Builder plugin <= 3.35.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-53323MEDIUMWordPress Pre-Publish Post Checklist plugin <= 3.1 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-67583MEDIUMWordPress IDonate plugin <= 2.1.15 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-67582MEDIUMWordPress Wbcom Designs plugin <= 2.1.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-29001MEDIUMWordPress WooCommerce Shop Page Builder plugin <= 2.27.7 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-29007MEDIUMWordPress LMSACE Connect plugin <= 3.4 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-67581MEDIUMWordPress TrueBooker plugin <= 1.1.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-27416MEDIUMWordPress PDF Poster plugin <= 2.4.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-9194MEDIUMConstructor <= 1.6.5 - Missing Authorization to Authenticated (Subscriber+) Theme CleanEPSS 0.2%