Fallos del tipo CWE-862

7074 resultados
CVE-2026-32408MEDIUMWordPress Brizy plugin <= 2.7.23 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32446MEDIUMWordPress Contact Form by WPForms plugin <= 1.9.9.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-14817MEDIUMFactory Mode App Exists Privilege Escalation Issue Allowing Third-Party Apps to Open ADBEPSS 0.2%CVE-2026-32417MEDIUMWordPress Pochipp plugin < 1.18.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66105MEDIUMWordPress Bus Ticket Booking with Seat Reservation plugin < 5.6.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-42541MEDIUMKubewarden: RBAC Reconnaissance via unchecked can_i host capability callEPSS 0.2%CVE-2026-25019MEDIUMWordPress Atarim plugin <= 4.3.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66108MEDIUMWordPress TNC Toolbox: Web Performance plugin <= 2.0.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68581MEDIUMWordPress YITH Slider for page builders plugin <= 1.0.11 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-43341HIGHA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.8, macOS Tahoe 26. An app may be ableEPSS 0.2%CVE-2026-1217MEDIUMYoast Duplicate Post <= 4.5 - Authenticated (Contributor+) Missing Authorization to Arbitrary Post Duplication and OverwriteEPSS 0.2%CVE-2026-60119MEDIUMHi.Events < 1.11.0 XSS via Event Title JSON.stringify InjectionEPSS 0.2%CVE-2026-57952MEDIUMMythic < 3.4.0.60 - Unauthorized C2 Profile Configuration Access via Unverified Payload UUIDEPSS 0.2%CVE-2026-27393MEDIUMWordPress CF7 WOW Styler plugin <= 1.7.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-64729HIGHAVEVA Process Optimization Missing AuthorizationEPSS 0.2%CVE-2025-62091MEDIUMWordPress Serial Codes Generator and Validator with WooCommerce Support plugin <= 2.8.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-5139MEDIUMGitLab Plugin Allows Non-Admin Users to Modify Default Instance ConfigurationEPSS 0.2%CVE-2026-24312MEDIUMMissing authorization check in SAP Business WorkflowEPSS 0.2%CVE-2025-69341MEDIUMWordPress WeDesignTech Ultimate Booking Addon plugin <= 1.0.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-33420MEDIUMVaultwarden missing authorization check allows Manager-role users to enumerate all collectionsEPSS 0.2%