Fallos del tipo CWE-862
6793 resultadosCVE-2023-35049HIGHWordPress WooCommerce Stripe Payment Gateway plugin <= 7.4.0 - Unauthenticated Broken Access Control vulnerabilityEPSS 0.6%CVE-2023-23868MEDIUMWordPress Cost of Goods for WooCommerce plugin <= 2.8.6 - Broken Access Control vulnerabilityEPSS 0.6%CVE-2025-24580MEDIUMWordPress 12 Step Meeting List plugin <= 3.16.5 - Arbitrary Content Deletion vulnerabilityEPSS 0.6%CVE-2024-1176MEDIUMHT Easy GA4 – Google Analytics WordPress Plugin <= 1.1.5 - Missing Authorization to Unauthenticated GA4 Email UpdateEPSS 0.6%CVE-2023-27701HIGHMuYuCMS v2.2 was discovered to contain an arbitrary file deletion vulnerability via the component /database/sqldel.html.EPSS 0.6%CVE-2023-47148MEDIUMIBM Storage Protect Plus Server information disclosureEPSS 0.6%CVE-2021-4375MEDIUMWelcart e-Commerce < 2.2.8 - Missing Capabilities Check to Information DisclosureEPSS 0.6%CVE-2022-39233MEDIUMTuleap subject to Missing Authorization allowing for branch prefix modificationEPSS 0.6%CVE-2024-3581MEDIUMMaxGalleria <= 6.4.2 - Missing AuthorizationEPSS 0.6%CVE-2022-0756MEDIUMMissing Authorization in salesagility/suitecrmEPSS 0.6%CVE-2021-4376MEDIUMWooCommerce Multi Currency <= 2.1.17 - Missing AuthorizationEPSS 0.6%CVE-2023-37860HIGHPHOENIX CONTACT: Missing Authorization in WP 6xxx Web panelsEPSS 0.6%CVE-2025-3604CRITICALFlynax Bridge <= 2.2.0 - Unauthenticated Privilege Escalation via Account TakeoverEPSS 0.6%CVE-2023-2085MEDIUMEssential Blocks <= 4.0.6 - Missing Authorization via templatesEPSS 0.6%CVE-2025-62714HIGHKarmada Dashboard API Unauthorized Access VulnerabilityEPSS 0.6%CVE-2023-5132HIGHSoisy Pagamento Rateale <= 6.0.1 - Missing Authorization to Sensitive Information ExposureEPSS 0.6%CVE-2023-26957CRITICALonekeyadmin v1.3.9 was discovered to contain an arbitrary file delete vulnerability via the component \admin\controller\plugins.EPSS 0.6%CVE-2026-0974HIGHOrderable <= 1.20.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin InstallationEPSS 0.6%CVE-2022-44009HIGHImproper access control in Key-Value RBAC in StackStorm version 3.7.0 didn't check the permissions in Jinja filters, allowing attackers to aEPSS 0.6%CVE-2024-43253MEDIUMWordPress Smart Online Order for Clover plugin <= 1.5.6 - Broken Access Control vulnerabilityEPSS 0.6%