Fallos del tipo CWE-862
7075 resultadosCVE-2025-14350MEDIUMInformation disclosure via channel mentions in postsEPSS 0.2%CVE-2023-21094HIGHIn sanitize of LayerState.cpp, there is a possible way to take over the screen display and swap the display content due to a missing permissEPSS 0.2%CVE-2026-13235LOWAI (Artificial Intelligence) - Moderately critical - Access bypass - SA-CONTRIB-2026-055EPSS 0.2%CVE-2023-48684HIGHSensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect CEPSS 0.2%CVE-2024-32589HIGHWordPress Barcode Scanner and Inventory manager plugin <= 1.5.3 - Broken Access Control to XSS vulnerabilityEPSS 0.2%CVE-2025-12168MEDIUMPhrase TMS Integration for WordPress <= 4.7.5 - Missing Authorization to Authenticated (Subscriber+) Log DeletionEPSS 0.2%CVE-2026-57294MEDIUMA missing permission check in Jenkins EC2 Fleet Plugin 4.2.3.539.v8fedff2a_81c3 and earlier allows attackers with Overall/Read permission toEPSS 0.2%CVE-2026-44750MEDIUMMissing Authorization check in SAP MDG (Review Match Groups Application)EPSS 0.2%CVE-2026-11909LOWExamples for Developers - Moderately critical - Access bypass - SA-CONTRIB-2026-044EPSS 0.2%CVE-2025-15516MEDIUMAll-in-One Video Gallery 4.1.0 - 4.6.4 - Missing Authorization to Authenticated (Subscriber+) Limited User Meta UpdateEPSS 0.2%CVE-2026-57304MEDIUMA missing permission check in Jenkins Assembla Plugin 1.4 and earlier allows attackers with Overall/Read permission to connect to an attackeEPSS 0.2%CVE-2026-39704MEDIUMWordPress Precious Metals Automated Product Pricing – Pro plugin <= 4.0.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2022-20506HIGHIn onCreate of WifiDialogActivity.java, there is a missing permission check. This could lead to local escalation of privilege from a guest uEPSS 0.2%CVE-2026-33426LOWDiscourse users can edit or synonymize hidden tags they can't seeEPSS 0.2%CVE-2026-39706MEDIUMWordPress Make My Trivia plugin <= 1.1.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-64210MEDIUMWordPress Masterstudy Elementor Widgets plugin <= 1.2.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2022-20503HIGHIn onCreate of WifiDppConfiguratorActivity.java, there is a possible way for a guest user to add a WiFi configuration due to a missing permiEPSS 0.2%CVE-2026-9582MEDIUMSourceCodester CET Automated Grading System with AI Predictive Analytics cross-site request forgeryEPSS 0.2%CVE-2026-57923MEDIUMIn JetBrains YouTrack before 2026.2.16593 improper authorisation in the app configurations endpoint allowed modifying project settingsEPSS 0.2%CVE-2026-32447MEDIUMWordPress Atarim plugin <= 4.3.2 - Broken Access Control vulnerabilityEPSS 0.2%