Fallos del tipo CWE-288
584 resultadosCVE-2024-26566HIGHAn issue in Cute Http File Server v.3.1 allows a remote attacker to escalate privileges via the password verification component.EPSS 0.6%CVE-2024-37893MEDIUMMFA bypass in oauth flow in Firefly IIIEPSS 0.6%CVE-2024-11286CRITICALWP JobHunt <= 7.1 - Authentication BypassEPSS 0.6%CVE-2026-28411CRITICALWeGIA Vulnerable to Authentication Bypass via `extract($_REQUEST)`EPSS 0.6%CVE-2024-12402CRITICALThemes Coder – Create Android & iOS Apps For Your Woocommerce Site <= 1.3.4 - Insecure Direct Object Reference to Password Change/Account Takeover/Privilege EscalationEPSS 0.6%CVE-2025-26966CRITICALWordPress PrivateContent plugin <= 8.11.5 - Unauthenticated Account Takeover vulnerabilityEPSS 0.6%CVE-2025-30026MEDIUMThe AXIS Camera Station Server had a flaw that allowed
to bypass authentication that is normally required.EPSS 0.6%CVE-2025-7710CRITICALBrave Conversion Engine (PRO) <= 0.7.7 - Authentication Bypass to AdministratorEPSS 0.6%CVE-2021-4353MEDIUMWooCommerce Dynamic Pricing and Discounts <= 2.4.1 - Unauthenticated Settings Import/ExportEPSS 0.6%CVE-2025-24095HIGHThis issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, visionOS 2.4. An app may be abEPSS 0.6%CVE-2025-1638CRITICALAlloggio Membership <= 1.1 - Authentication Bypass via Social Login Account TakeoverEPSS 0.6%CVE-2024-13182CRITICALWP Directorybox Manager <= 2.5 - Authentication BypassEPSS 0.6%CVE-2026-32130HIGHZITADEL SCIM Authentication Bypass via URL EncodingEPSS 0.6%CVE-2024-5204HIGHSwiss Toolkit For WP <= 1.0.7 - Authenticated (Contributor+) Authentication BypassEPSS 0.6%CVE-2024-4544CRITICALPie Register - Social Sites Login (Add on) <= 1.7.7 - Authentication BypassEPSS 0.6%CVE-2025-10538HIGHAuthentication Bypass in LG Innotek CameraEPSS 0.6%CVE-2026-7458CRITICALUser Verification by PickPlugins <= 2.0.46 - Unauthenticated Authentication Bypass via OTP Verification REST API EndpointEPSS 0.6%CVE-2024-4552CRITICALSocial Login Lite For WooCommerce <= 1.6.0 - Authentication BypassEPSS 0.6%CVE-2026-2775CRITICALMitigation bypass in the DOM: HTML Parser componentEPSS 0.6%CVE-2022-23722—PingFederate Password Reset via Authentication API MishandlingEPSS 0.6%