Fallos del tipo CWE-862

6850 resultados
CVE-2025-31691CRITICALOAuth2 Server - Moderately critical - Access bypass - SA-CONTRIB-2025-020EPSS 0.4%CVE-2023-32574MEDIUMWordPress Injection Guard plugin <= 1.2.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-0596MEDIUMAwesome Support – WordPress HelpDesk & Support Plugin <= 6.1.7 - Missing Authorization via editor_html()EPSS 0.4%CVE-2023-41869MEDIUMWordPress WP Accessibility Helper (WAH) plugin <= 0.6.2.4 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-46196MEDIUMWordPress Social proof testimonials and reviews by Repuso plugin <= 4.97 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-10078MEDIUMWP Easy Post Types <= 1.4.4 - Authenticated (Subscriber+) Missing Authorization via Multiple FunctionsEPSS 0.4%CVE-2026-27796MEDIUMHomarr: Unauthenticated Information Disclosure (Integration Metadata Leak)EPSS 0.4%CVE-2022-48350HIGHThe HUAWEI Messaging app has a vulnerability of unauthorized file access. Successful exploitation of this vulnerability may affect confidentEPSS 0.4%CVE-2023-41873MEDIUMWordPress SAML Single Sign On – SSO Login plugin <= 5.0.4 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-67586MEDIUMWordPress Highlight and Share plugin <= 5.2.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-50459MEDIUMWordPress AidWP plugin <= 3.2.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2022-44549HIGHThe LBS module has a vulnerability in geofencing API access. Successful exploitation of this vulnerability may cause third-party apps to accEPSS 0.4%CVE-2024-9583MEDIUMRSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging <= 4.23.12 - Missing AuthorizationEPSS 0.4%CVE-2024-39664HIGHWordPress Filter & Grids plugin <= 2.8.32 - Broken Authentication vulnerabilityEPSS 0.4%CVE-2024-32681MEDIUMWordPress Prime Slider plugin <= 3.13.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-5704MEDIUMXPlainer – WooCommerce Product FAQ [WooCommerce Accordion FAQ Plugin] <= 1.7.0 - Missing Authorization to Authenticated (Subscriber+) Settings UpdateEPSS 0.4%CVE-2025-31533MEDIUMWordPress Salesmate Add-On for Gravity Forms plugin <= 2.0.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-48759HIGHWordPress JetElements For Elementor plugin <= 2.6.13 - Unauthenticated Arbitrary Attachment Download vulnerabilityEPSS 0.4%CVE-2025-24642MEDIUMWordPress Setup Default Featured Image plugin <= 1.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-37898MEDIUMXWiki Platform vulnerable to document deletion and overwrite from editEPSS 0.4%