Fallos del tipo CWE-862
6872 resultadosCVE-2024-34444HIGHWordPress Slider Revolution plugin < 6.7.0 - Unauthenticated Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-7858MEDIUMMedia Library Folders <= 8.2.3 - Missing Authorization on Various FunctionsEPSS 0.3%CVE-2024-13368MEDIUMYouzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress <= 1.3.4 - Missing Authorization to Authenticated (Subscriber+) Limited Options UpdateEPSS 0.3%CVE-2025-32210MEDIUMWordPress CM Registration and Invitation Codes plugin <= 2.5.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-33768MEDIUMAstro: Unauthenticated Path Override via `x-astro-path` / `x_astro_path`EPSS 0.3%CVE-2024-33000LOWMissing Authorization check in SAP Bank Account ManagementEPSS 0.3%CVE-2024-11743MEDIUMSourceCodester Best House Rental Management System POST Request ajax.php cross-site request forgeryEPSS 0.3%CVE-2025-1681MEDIUMCardealer <= 1.6.4 - Missing Authorization to Authenticated (Subscriber+) Change and Delete JS and CSS FilesEPSS 0.3%CVE-2025-69052CRITICALWordPress Registration & Login with Mobile Phone Number for WooCommerce plugin <= 1.3.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-4105LOWAttachment of deleted message in a thread remains accessible and downloadable EPSS 0.3%CVE-2025-26741HIGHWordPress Email Notifications for Updates <= 1.1.6 - Privilege Escalation VulnerabilityEPSS 0.3%CVE-2025-2876MEDIUMMelaPress Login Security and MelaPress Login Security Premium 2.1.0 - Missing Authorization to Unauthenticated Arbitrary User DeletionEPSS 0.3%CVE-2025-26995MEDIUMWordPress Market Exporter plugin <= 2.0.21 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-26959HIGHWordPress Administrator Z <= 2025.03.24 - Privilege Escalation VulnerabilityEPSS 0.3%CVE-2024-56007MEDIUMWordPress Leader plugin <= 2.6.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-25083HIGHGROWI OpenAI thread/message API endpoints do not perform authorization. Affected are v7.4.5 and earlier versions. A logged-in user who knowsEPSS 0.3%CVE-2023-45271MEDIUMWordPress ProductX – Gutenberg WooCommerce Blocks plugin <= 2.7.8 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-22729MEDIUMWordPress VOD Infomaniak plugin <= 1.5.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-22694MEDIUMWordPress Hide Shipping Method For WooCommerce plugin <= 1.5.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-11133MEDIUMEventer <= 3.9.9.5 - Missing Authorization to Unauthenticated Event Ticket DownloadEPSS 0.3%