Fallos del tipo CWE-862

7062 resultados
CVE-2025-57884MEDIUMWordPress Greenshift Plugin <= 12.1.1 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-27677MEDIUMMissing Authorization check in SAP S/4HANA OData Service (Manage Reference Equipment)EPSS 0.2%CVE-2025-62751MEDIUMWordPress Vireo theme <= 1.0.24 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-60166MEDIUMWordPress WP Subscription Forms PRO Plugin <= 2.0.5 - Arbitrary Content Deletion VulnerabilityEPSS 0.2%CVE-2025-9542MEDIUMAutomatorWP <= 5.3.7 - Authenticated (Subscriber+) Missing Authorization to Multiple FunctionsEPSS 0.2%CVE-2025-62965MEDIUMWordPress Admin Management Xtended plugin <= 2.5.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62116MEDIUMWordPress AI Copilot plugin <= 1.5.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-2395HIGHBulgarisation for WooCommerce <= 3.0.14 - Cross-Site Request ForgeryEPSS 0.2%CVE-2026-39715MEDIUMWordPress AnyTrack Affiliate Link Manager plugin <= 1.5.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-15634MEDIUMHCL BigFix WebUI is affected by a missing authorization vulnerabilityEPSS 0.2%CVE-2026-1869MEDIUMUser Registration & Membership <= 5.2.0 - Missing Authorization to Unauthenticated Payment BypassEPSS 0.2%CVE-2026-34837MEDIUMZammad is miissing authorization in AI assistance controller for context data used in text toolsEPSS 0.2%CVE-2026-39705MEDIUMWordPress MIPL WC Multisite Sync plugin <= 1.4.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-46365MEDIUMphpMyFAQ - Missing Authorization in Tag Deletion EndpointEPSS 0.2%CVE-2026-32487MEDIUMWordPress Lawyer Landing Page theme <= 1.2.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62052MEDIUMWordPress One Page Express Companion plugin <= 1.6.43 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62073MEDIUMWordPress MeetingHub plugin <= 1.23.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66160MEDIUMWordPress Select Graphist for Elementor Graphist for Elementor plugin <= 1.2.10 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-23683MEDIUMMissing Authorization check in SAP Fiori App (Intercompany Balance Reconciliation)EPSS 0.2%CVE-2026-4109MEDIUMEventin – Events Calendar, Event Booking, Ticket & Registration (AI Powered) <= 4.1.8 Missing Authorization to Authenticated (Subscriber+) Order Information ExposureEPSS 0.2%