Fallos del tipo CWE-862

6856 resultados
CVE-2024-52480MEDIUMWordPress Jobify plugin < 4.3.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-38714MEDIUMWordPress WP Fast Total Search <= 1.68.232 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-47841MEDIUMWordPress Analytify plugin <= 5.1.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-1042MEDIUMWP Radio – Worldwide Online Radio Stations Directory for WordPress <= 3.1.9 - Missing Authorization via multiple AJAX actionsEPSS 0.4%CVE-2024-38504MEDIUMIn JetBrains YouTrack before 2024.2.34646 the Guest User Account was enabled for attaching files to articlesEPSS 0.4%CVE-2023-47849MEDIUMWordPress BlossomThemes Email Newsletter plugin <= 2.2.4 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-38719MEDIUMWordPress Auto Featured Image plugin <= 4.1.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-6033MEDIUMEvent Manager, Events Calendar, Tickets, Registrations – Eventin <= 4.0.4 - Missing Authorization to Authenticated (Contributor+) Event Data ImportEPSS 0.4%CVE-2024-12201MEDIUMHash Form <= 1.2.1 - Missing Authorization to Authenticated (Contributor+) Form Style CreationEPSS 0.4%CVE-2024-37482MEDIUMWordPress The Post Grid plugin <= 7.7.4 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-31736MEDIUMWordPress Rich Text Editor Plugin <= 1.0.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-40608HIGHWordPress Paid Memberships Pro CCBill Gateway plugin <= 0.3 - Unauthenticated Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-31099MEDIUMWordPress Phlox Core Elements plugin <= 2.15.7 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-24974HIGHDataEase Mysql JDBC Connection Parameters Not Being Verified Leads to Arbitrary File Read VulnerabilityEPSS 0.4%CVE-2025-3952HIGHProjectopia &#8211; WordPress Project Management <= 5.1.16 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Option DeletionEPSS 0.4%CVE-2025-31729MEDIUMWordPress WooTumblog plugin <= 2.1.4 - Content Injection vulnerabilityEPSS 0.4%CVE-2024-32692HIGHWordPress Chauffeur Taxi Booking System for WordPress plugin <= 6.9 - Broken Authentication vulnerabilityEPSS 0.4%CVE-2025-31768MEDIUMWordPress Widget Manager Light plugin <= 1.18 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-30463MEDIUMWordPress BEAR plugin <= 1.1.4.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-1861MEDIUMDisable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan <= 4.52 - Missing Authorization to Authenticated (Subscriber+) Table TruncationEPSS 0.4%