Fallos del tipo CWE-862
6908 resultadosCVE-2025-3766MEDIUMLogin Lockdown & Protection <= 2.11 - Missing Authorization to Authenticated (Subscriber+) Arbitrary IP WhitelistingEPSS 0.3%CVE-2025-14843MEDIUMWizit Gateway for WooCommerce <= 1.2.9 - Missing Authentication to Unauthenticated Arbitrary Order CancellationEPSS 0.3%CVE-2025-12384HIGHDocument Embedder – Embed PDFs, Word, Excel, and Other Files <= 2.0.0 - Missing Authorization to Unauthenticated Document ManipulationEPSS 0.3%CVE-2025-49916HIGHWordPress MultiVendorX plugin <= 4.2.23 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-47529MEDIUMWordPress Experto CTA Widget – Call To Action, Sticky CTA, Floating Button Plugin <= 1.1.1 - Settings Change VulnerabilityEPSS 0.3%CVE-2023-46203MEDIUMWordPress Just Custom Fields plugin <= 3.3.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-35741MEDIUMWordPress Awesome Support plugin <= 6.1.7 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-3557MEDIUMScriptAndTools eCommerce-website-in-PHP cross-site request forgeryEPSS 0.3%CVE-2025-69137MEDIUMWordPress Genemy theme <= 1.6.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-57353MEDIUMWordPress Link Whisper Premium plugin <= 2.9.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-55995MEDIUMWordPress Torod plugin <= 1.7 - Settings Change vulnerabilityEPSS 0.3%CVE-2024-45307HIGHSudoBot missing authorization check in `-config` commandEPSS 0.3%CVE-2023-52177MEDIUMWordPress Integrate Google Drive plugin <= 1.3.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-32725MEDIUMWordPress 5 Stars Rating Funnel plugin 1.2.67 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-12617MEDIUMWC Price History for Omnibus <= 2.1.3 - Missing AuthorizationEPSS 0.3%CVE-2024-6175MEDIUMBooking Ultra Pro <= 1.1.13 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings UpdatesEPSS 0.3%CVE-2024-13530MEDIUMCustom Login Page Styler <= 7.1.1 - Missing Authorization to Authenticated (Subsciber+) Log Deletion and Session TerminationEPSS 0.3%CVE-2025-55471HIGHIncorrect access control in the getUserFormData function of youlai-boot v2.21.1 allows attackers to access sensitive information for other uEPSS 0.3%CVE-2024-5127MEDIUMImproper Access Control in lunary-ai/lunaryEPSS 0.3%CVE-2025-30926MEDIUMWordPress King Addons for Elementor plugin <= 24.12.58 - Broken Access Control VulnerabilityEPSS 0.3%