Fallos del tipo CWE-862
6851 resultadosCVE-2024-43208MEDIUMWordPress Send Emails with Mandrill plugin <= 1.4.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-53799MEDIUMWordPress FloristPress plugin <= 7.3.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-46644MEDIUMWordPress WordPress CTA plugin <= 1.5.8 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-23611MEDIUMxblock-lti-consumer contain Missing Authorization in Grade Pass Back ImplementationEPSS 0.4%CVE-2026-30950HIGHAutoGPT has Authenticated Session Hijacking via IDOREPSS 0.4%CVE-2026-42228MEDIUMn8n: Hijacking of Unauthenticated Chat ExecutionEPSS 0.4%CVE-2024-1717MEDIUMAdmin Notices Manager <= 1.4.0 - Missing Authorization to Authenticated (Subscriber+) User Email RetrievalEPSS 0.4%CVE-2025-3063HIGHShopper Approved Reviews 2.0 - 2.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options UpdateEPSS 0.4%CVE-2024-48044MEDIUMWordPress ShortPixel Image Optimizer plugin <= 5.6.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-32311HIGHThe CloudExplorer Lite missing permissions checkEPSS 0.4%CVE-2025-31686HIGHOpen Social - Less critical - Access bypass, Information Disclosure - SA-CONTRIB-2025-015EPSS 0.4%CVE-2025-11158CRITICALHitachi Vantara Pentaho Data Integration & Analytics - Missing AuthorizationEPSS 0.4%CVE-2024-32705HIGHWordPress ARForms plugin <= 6.4 - Subscriber+ Arbitrary Plugin Activation/Deactivation VulnerabilityEPSS 0.4%CVE-2026-33761MEDIUMAVideo: Unauthenticated Access to Scheduler Plugin Endpoints Leaks Scheduled Tasks, Email Content, and User MappingsEPSS 0.4%CVE-2024-24835MEDIUMWordPress BEAR plugin <= 1.1.4 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-37204MEDIUMWordPress PropertyHive plugin <= 2.0.9 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-32316HIGHUsers can add themselves to any organization in CloudExplorer LiteEPSS 0.4%CVE-2024-13783MEDIUMFormCraft <= 3.9.11 - Missing Authorization to Plugin Data Export in formcraft-main.phpEPSS 0.4%CVE-2024-32678MEDIUMWordPress TrackShip for WooCommerce plugin <= 1.7.5 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-3640MEDIUMSTRABL <= 4.5 - Unauthenticated Arbitrary Webhook Creation via REST API EndpointEPSS 0.4%