Fallos del tipo CWE-862

7062 resultados
CVE-2025-62052MEDIUMWordPress One Page Express Companion plugin <= 1.6.43 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-3527MEDIUMEventON - WordPress Virtual Event Calendar Plugin <= 4.9.6 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-62073MEDIUMWordPress MeetingHub plugin <= 1.23.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-57300MEDIUMA missing permission check in Jenkins MCP Server Plugin 0.177.v629fdb_2557fe and earlier allows attackers with Item/Read permission to read EPSS 0.2%CVE-2025-12563MEDIUMBlog2Social: Social Media Auto Post & Scheduler <= 8.6.0 - Incorrect Authorization to Video File UploadEPSS 0.2%CVE-2026-40763MEDIUMWordPress Royal Elementor Addons plugin <= 1.7.1056 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-69189HIGHWordPress JobBank plugin <= 1.2.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-42753HIGHWordPress WCFM Membership plugin <= 2.11.10 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-11448MEDIUMGallery Plugin for WordPress – Envira Photo Gallery <= 1.11.0 - Missing Authorization to Authenticated (Contributor+) Gallery ConversionEPSS 0.2%CVE-2025-12665MEDIUMNinja Countdown <= 1.5.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Countdown DeletionEPSS 0.2%CVE-2025-43286HIGHA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26EPSS 0.2%CVE-2025-12582MEDIUMFeatures <= 0.0.2 - Missing Authorization to Authenticated (Subscriber+) Option ResetEPSS 0.2%CVE-2026-56063HIGHWordPress MailChimp Block plugin <= 1.1.15 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-12113MEDIUMAlt Text Generator AI – Auto Generate & Bulk Update Alt Texts For Images <= 1.8.3 - Missing Authorization to Authenticated (Subscriber+) API Key DeletionEPSS 0.2%CVE-2025-64274MEDIUMWordPress WPKoi Templates for Elementor plugin <= 3.4.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-12156MEDIUMAi Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One 2.0.7 - 2.2.6 - Missing Authorization to Authenticated (Subscriber+) Post CreationEPSS 0.2%CVE-2026-42675HIGHWordPress Hydra Booking plugin <= 1.1.41 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-13136MEDIUMGSheetConnector For Ninja Forms <= 2.0.1 - Missing Authorization to Authenticated (Subscriber+) System Information ExposureEPSS 0.2%CVE-2026-39401MEDIUMPrivilege Escalation via update_event Job Output in CronicleEPSS 0.2%CVE-2025-12822MEDIUMWP Login and Register using JWT <= 3.0.0 - Missing Authorization to Authenticated (Subscriber+) API Key ExposureEPSS 0.2%