Fallos del tipo CWE-862
6851 resultadosCVE-2023-40670MEDIUMWordPress ReviewX plugin <= 1.6.17 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-35665MEDIUMWordPress Insert Post Ads plugin <= 1.3.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-54802HIGHWordPress SMS Alert Order Notifications plugin <= 3.9.3 - Broken Authentication vulnerabilityEPSS 0.4%CVE-2023-52211MEDIUMWordPress WP Job Manager plugin <= 2.0.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-12920HIGHFoodBakery | Delivery Restaurant Directory WordPress Theme <= 4.7 - Missing Authorization in Multiple FunctionsEPSS 0.4%CVE-2025-26372HIGHA CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authEPSS 0.4%CVE-2024-5855MEDIUMMedia Hygiene <= 3.0.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Attachment DeletionEPSS 0.4%CVE-2023-27449MEDIUMWordPress Total Poll Lite plugin <= 4.8.6 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-31004MEDIUMWordPress Rich Table of Contents plugin <= 1.4.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-43120MEDIUMWordPress TypeSquare Webfonts plugin <= 2.0.7 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-28416MEDIUMWordPress Chankhe theme <= 1.0.5 - Authenticated Arbitrary Plugin Activation vulnerabilityEPSS 0.4%CVE-2024-12413MEDIUMMarketKing — Ultimate WooCommerce Multivendor Marketplace Solution <= 2.0.00 - Missing AuthorizationEPSS 0.4%CVE-2025-22715HIGHWordPress WP Attractive Donations System - Easy Stripe & Paypal donations plugin <= 1.25 - Arbitrary Content Deletion vulnerabilityEPSS 0.4%CVE-2025-59022HIGHTYPO3 CMS Allows Broken Access Control in Recycler ModuleEPSS 0.4%CVE-2026-27388HIGHWordPress DesignThemes Booking Manager plugin <= 2.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-22298MEDIUMWordPress Amelia plugin <= 1.0.98 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2022-40702MEDIUMWordPress Advanced Local Pickup for WooCommerce Plugin <= 1.5.2 is vulnerable to Broken Access ControlEPSS 0.4%CVE-2025-58073HIGHArbitrary Mattermost Team can be joined by manipulating the OAuth stateEPSS 0.4%CVE-2024-32957MEDIUMWordPress Page Builder: Live Composer plugin <= 1.5.38 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-1041MEDIUMWP Radio – Worldwide Online Radio Stations Directory for WordPress <= 3.1.9 - Authenticated(Subscriber+) Stored Cross-Site Scripting via SettingsEPSS 0.4%