Fallos del tipo CWE-862

6816 resultados
CVE-2022-21953HIGHAuthenticated user can gain unauthorized shell pod and kubectl access in the local cluster EPSS 0.5%CVE-2024-3761CRITICALMissing Authorization on Delete Datasets in lunary-ai/lunaryEPSS 0.5%CVE-2023-35037HIGHWordPress Surfer plugin <= 1.3.2.357 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2025-54378HIGHHAX CMS Backend Lacks Comprehensive Authorization ChecksEPSS 0.5%CVE-2022-43453HIGHWordPress WP Tools plugin <= 3.41 - Auth. Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-5713MEDIUMSystem Dashboard <= 2.8.7 - Missing Authorization to Information Disclosure (sd_option_value)EPSS 0.5%CVE-2024-33591HIGHWordPress Easy Accept Payments for PayPal plugin <= 4.9.10 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-5248MEDIUMImproper Access Control in lunary-ai/lunaryEPSS 0.5%CVE-2024-53819MEDIUMWordPress Client Invoicing by Sprout Invoices plugin <= 20.8.0 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.5%CVE-2023-40027LOWConditionally missing authorization in @keystone-6/coreEPSS 0.5%CVE-2024-53258HIGHdownload_all_submissions allows student to download another student's submissions in AutolabEPSS 0.5%CVE-2023-34381MEDIUMWordPress Zippy plugin <= 1.6.2 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2021-24993Ultimate Product Catalog < 5.0.26 - Subscriber+ Arbitrary Product Creation & Settings UpdateEPSS 0.5%CVE-2024-1904MEDIUMMasterStudy LMS <= 3.2.13 - Missing Authorization to Sensitive Information Exposure in search_postsEPSS 0.5%CVE-2023-40334MEDIUMWordPress HUSKY plugin <= 1.3.4.2 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-5710MEDIUMSystem Dashboard <= 2.8.7 - Missing Authorization to Information Disclosure (sd_constants)EPSS 0.5%CVE-2024-30505MEDIUMWordPress Church Admin plugin <= 4.1.18 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-5426HIGHPost Meta Data Manager <=1.2.0 - Missing Authorization to User, Term, and Post Meta DeletionEPSS 0.5%CVE-2023-36815HIGHSealos billing system permission control defectEPSS 0.5%CVE-2023-51418HIGHWordPress JVM rich text icons plugin <= 1.2.6 - Arbitrary File Deletion vulnerabilityEPSS 0.5%