Fallos del tipo CWE-862
6872 resultadosCVE-2024-13776HIGHZoomSounds - WordPress Wave Audio Player with Playlist <= 6.91 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update and Settings ManipulationEPSS 0.3%CVE-2024-4958HIGHUser Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin <= 3.2.0.1 - Missing Authorization to Privilege EscalationEPSS 0.3%CVE-2024-32701MEDIUMWordPress InstaWP Connect plugin <= 0.1.0.24 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-12331MEDIUMFile Manager Pro – Filester <= 1.8.6 - Missing Authorization to Authenticated (Subscriber+) Filebird Plugin InstallationEPSS 0.3%CVE-2024-34800HIGHWordPress Crafthemes Demo Import plugin <= 3.3 - Arbitrary plugin Installation vulnerabilityEPSS 0.3%CVE-2025-32593HIGHWordPress Add Product Frontend for WooCommerce plugin <= 1.0.8 - Arbitrary Content Deletion vulnerabilityEPSS 0.3%CVE-2024-10326MEDIUMRomethemeKit For Elementor <= 1.5.3 - Missing Authorization in save_options and reset_widgetsEPSS 0.3%CVE-2024-12712MEDIUMShopping Cart & eCommerce Store <= 5.7.8 - Missing Authorization to Order UpdatesEPSS 0.3%CVE-2024-54354MEDIUMWordPress Termin-Kalender plugin <= 0.99.47 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-51679MEDIUMWordPress BulkGate SMS Plugin for WooCommerce plugin <= 3.0.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-67939MEDIUMWordPress Tickera plugin <= 3.5.6.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-56219MEDIUMWordPress Widget Options plugin <= 4.0.6.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-12026MEDIUMMessage Filter for Contact Form 7 <= 1.6.3 - Missing Authorization to Authenticated (Subscriber+) New Filter CreationEPSS 0.3%CVE-2023-51671MEDIUMWordPress FunnelKit Checkout plugin <= 3.10.3 - Authenticated Plugin Settings Change vulnerabilityEPSS 0.3%CVE-2026-40474HIGHwger has Broken Access Control in the Global Gym Configuration Update EndpointEPSS 0.3%CVE-2025-49925HIGHWordPress WPLMS plugin <= 1.9.9.7 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-8667MEDIUMHurryTimer – An Scarcity and Urgency Countdown Timer for WordPress & WooCommerce <= 2.10.0 - Missing Authorization to Authenticated (Contributor+) Arbitrary Post PublicationEPSS 0.3%CVE-2024-10786MEDIUMSimple Local Avatars <= 2.7.11 - Missing Authorization to Authenticated (Subscriber+) User Cache ClearingEPSS 0.3%CVE-2024-20355MEDIUMA vulnerability in the implementation of SAML 2.0 single sign-on (SSO) for remote access VPN services in Cisco Adaptive Security Appliance (EPSS 0.3%CVE-2024-1438HIGHWordPress Rolo Slider plugin <= 1.0.9 - Broken Access Control vulnerabilityEPSS 0.3%