Fallos del tipo CWE-862
6928 resultadosCVE-2025-1668MEDIUMSchool Management System – WPSchoolPress <= 2.2.16 - Missing Authorization to Arbitrary User DeletionEPSS 0.3%CVE-2024-13651MEDIUMRapidLoad – Optimize Web Vitals Automatically <= 2.4.4 - Missing Authorization to Authenticated (Subscriber+) Limited Setting ResetEPSS 0.3%CVE-2026-12404MEDIUMNEX-Forms <= 9.2.2 - Missing Authorization to Unauthenticated Sensitive Information Disclosure via CSVExport ClassEPSS 0.3%CVE-2026-0692HIGHBlueSnap Payment Gateway for WooCommerce <= 3.4.0 - Missing Authorization to Unauthenticated Arbitrary Order Status ManipulationEPSS 0.3%CVE-2025-60247MEDIUMWordPress Bux Woocommerce plugin <= 1.2.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-49687MEDIUMWordPress Smart Manager plugin <= 8.45.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-56255MEDIUMWordPress AyeCode Connect plugin <= 1.3.8 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-52670HIGHMissing authorization check in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes users on the system to delete banners owned by otEPSS 0.3%CVE-2024-56244MEDIUMWordPress Ashe Extra plugin <= 1.2.92 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-27021MEDIUMDiscourse: Poll voters endpoint lacked post visibility checksEPSS 0.3%CVE-2025-10648MEDIUMLogin with YourMembership - YM SSO Login <= 1.1.7 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'moym_display_test_attributes'EPSS 0.3%CVE-2024-37544MEDIUMWordPress Get Better Reviews for WooCommerce plugin <= 4.0.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-12955HIGHLive sales notification for WooCommerce <= 2.3.39 - Missing Authorization to Unauthenticated Customer Data ExposureEPSS 0.3%CVE-2024-56002MEDIUMWordPress Contact Form, Survey & Form Builder – MightyForms plugin <= 1.3.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-14720MEDIUMBooking for Appointments and Events Calendar – Amelia <= 1.2.38 - Missing Authorization to Unauthenticated Multiple AJAX ActionsEPSS 0.3%CVE-2024-47337MEDIUMWordPress Joy Of Text Lite plugin <= 2.3.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-67566MEDIUMWordPress Woffice Core plugin <= 5.4.30 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-34233MEDIUMCtrlPanel has Missing Authentication Checks in Datatable Admin EndpointsEPSS 0.3%CVE-2023-47828MEDIUMWordPress wpMandrill plugin <= 1.33 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-5860MEDIUMTickera <= 3.5.2.8 - Missing Authorization to Authenticated (Susbcriber+) Ticket DeletionEPSS 0.3%