Fallos del tipo CWE-862

7062 resultados
CVE-2026-52714HIGHWordPress SEO Plugin by Squirrly SEO plugin <= 12.4.16 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-63016MEDIUMWordPress QuadLayers TikTok Feed plugin <= 4.6.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-49338MEDIUMWordPress Flowbox plugin <= 1.1.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-69027MEDIUMWordPress Product Delivery Date for WooCommerce – Lite plugin <= 3.2.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-61985MEDIUMWordPress Car Rental Manager plugin <= 1.3.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2023-25969MEDIUMWordPress Contact Form & Lead Form Elementor Builder plugin <= 1.8.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32440MEDIUMWordPress WP Food plugin < 2.7.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62755MEDIUMWordPress GS Portfolio for Envato plugin <= 1.4.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62138MEDIUMWordPress WP Advanced PDF plugin <= 1.1.7 - Other vulnerability Type vulnerabilityEPSS 0.2%CVE-2026-23721MEDIUMOpenProject users with "View Members" permission in any project can view all Group membershipsEPSS 0.2%CVE-2026-39697MEDIUMWordPress MAIO – The new AI GEO / SEO tool plugin <= 6.2.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-27946HIGHZITADEL Users Can Self-Verify Email/Phone via UpdateHumanUser APIEPSS 0.2%CVE-2025-62092MEDIUMWordPress Wiremo plugin <= 1.4.99 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39699MEDIUMWordPress AI Workflow Automation plugin <= 1.4.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-12174MEDIUMDirectorist: AI-Powered Business Directory Plugin with Classified Ads Listings <= 8.5.2 - Missing Authorization to Authenticated (Subscriber+) Data Export and Slug UpdateEPSS 0.2%CVE-2026-40098MEDIUMOpenMage LTS imports cross-user wishlist item via shared wishlist code, leading to private option disclosure and file-disclosure variantEPSS 0.2%CVE-2025-63001MEDIUMWordPress Hotel Booking plugin <= 3.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-69028MEDIUMWordPress weForms plugin <= 1.6.25 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68084MEDIUMWordPress Ultimate Auction plugin <= 4.3.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-61983MEDIUMWordPress Church Admin plugin <= 5.0.30 - Broken Access Control vulnerabilityEPSS 0.2%