Fallos del tipo CWE-862
6850 resultadosCVE-2024-31243HIGHWordPress Bricksforge plugin <= 2.0.17 - Unauthenticated Arbitrary WordPress Setting Deletion vulnerabilityEPSS 0.4%CVE-2025-24682MEDIUMWordPress Super Block Slider plugin <= 2.7.9 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-1508MEDIUMWP Crowdfunding <= 2.1.14 - Missing Authorization to Authenticated (Subscriber+) Post Content DownloadEPSS 0.4%CVE-2023-23672MEDIUMWordPress GiveWP plugin <= 2.25.1 - Arbitrary Content Deletion vulnerabilityEPSS 0.4%CVE-2023-1929MEDIUMWP Fastest Cache <= 1.1.2 - Missing Authorization in 'wpfc_purgecache_varnish_callback'EPSS 0.4%CVE-2023-1931MEDIUMWP Fastest Cache <= 1.1.2 - Missing Authorization in 'deleteCssAndJsCacheToolbar'EPSS 0.4%CVE-2024-12164MEDIUMWPSyncSheets Lite For WPForms – WPForms Google Spreadsheet Addon <= 1.6 - Missing Authorization to Authenticated (Subscriber+) Settings ResetEPSS 0.4%CVE-2025-24753MEDIUMWordPress Kadence Blocks plugin <= 3.3.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-12925MEDIUMrymcu forest UserDicController.java deleteDic authorizationEPSS 0.4%CVE-2025-26853CRITICALDESCOR INFOCAD 3.5.1 and before and fixed in v.3.5.2.0 has a broken authorization schema.EPSS 0.4%CVE-2025-2848MEDIUMA vulnerability in Synology Mail Server allows remote authenticated attackers to read and write non-sensitive settings, and disable some nonEPSS 0.4%CVE-2024-5941MEDIUMGiveWP – Donation Plugin and Fundraising Platform <= 3.14.1 - Missing Authorization to Authenticated (Subscriber+) Limited File DeletionEPSS 0.4%CVE-2025-23529MEDIUMWordPress Minterpress plugin <= 1.0.5 - Arbitrary Content Deletion vulnerabilityEPSS 0.4%CVE-2024-44208HIGHThis issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15. An app may be able to bypass certain PrEPSS 0.4%CVE-2023-1930MEDIUMWP Fastest Cache <= 1.1.2 - Missing Authorization in 'wpfc_clear_cache_of_allsites_callback'EPSS 0.4%CVE-2026-48582CRITICALMicrosoft Exchange Online Elevation of Privilege VulnerabilityEPSS 0.4%CVE-2025-5815MEDIUMTraffic Monitor <= 3.2.2 - Missing Authorization to Unauthenticated Settings UpdateEPSS 0.4%CVE-2023-30476MEDIUMWordPress Blogger Buzz theme <= 1.2.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-29431MEDIUMWordPress qTranslate X Cleanup and WPML Import plugin <= 3.0.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-24691MEDIUMWordPress People Lists plugin <= 1.3.10 - Broken Access Control vulnerabilityEPSS 0.4%