Fallos del tipo CWE-862
6793 resultadosCVE-2024-32717MEDIUMWordPress SchedulePress plugin <= 5.0.8 - Broken Access Control vulnerabilityEPSS 0.6%CVE-2023-0555HIGHQuick Restaurant Menu <= 2.0.2 - Missing AuthorizationEPSS 0.6%CVE-2023-50373MEDIUMWordPress Alt Manager plugin <= 1.6.1 - Broken Access Control vulnerabilityEPSS 0.6%CVE-2023-49154MEDIUMWordPress Button Generator – easily Button Builder plugin <= 2.3.8 - Broken Access Control vulnerabilityEPSS 0.6%CVE-2024-1387MEDIUMHappy Addons for Elementor <= 3.10.4 - Incorrect Authorization to Information ExposureEPSS 0.6%CVE-2023-52224MEDIUMWordPress Revolut Gateway for WooCommerce plugin <= 4.9.7 - Broken Access Control vulnerabilityEPSS 0.6%CVE-2023-0712MEDIUMWicked Folders <= 2.18.16 - Missing Authorization on ajax_move_objectEPSS 0.6%CVE-2023-2280MEDIUMWP Directory Kit <= 1.2.2 - Missing Authorization to Plugin Installation, Settings Change/Delete, Demo Import, Directory Kit Deletion via wdk_public_actionEPSS 0.6%CVE-2023-0719MEDIUMWicked Folders <= 2.18.16 - Missing Authorization on ajax_save_sort_orderEPSS 0.6%CVE-2022-38057MEDIUMWordPress TH Advance Product Search plugin <= 1.2.1 - Unauthenticated Plugin Settings Reset vulnerabilityEPSS 0.6%CVE-2026-34759CRITICALOneUptime: Unauthenticated notification API endpoints - financial abuse via phone number purchase, service disruption, and SMTP credential exposureEPSS 0.6%CVE-2024-0907MEDIUMNEX-Forms – Ultimate Form Builder – Contact forms and much more <= 8.5.6 - Missing Authorization via restore_records()EPSS 0.6%CVE-2024-1130MEDIUMNEX-Forms – Ultimate Form Builder – Contact forms and much more <= 8.5.6 - Missing Authorization via set_read()EPSS 0.6%CVE-2025-8342HIGHWooCommerce OTP Login With Phone Number, OTP Verification <= 1.8.47 - Authentication BypassEPSS 0.6%CVE-2024-1129MEDIUMNEX-Forms – Ultimate Form Builder – Contact forms and much more <= 8.5.6 - Missing Authorization via set_starred()EPSS 0.6%CVE-2025-30461CRITICALAn access issue was addressed with additional sandbox restrictions on the system pasteboards. This issue is fixed in macOS Sequoia 15.4. An EPSS 0.6%CVE-2025-22612CRITICALCoolify Vulnerable to Private Key Enumeration on Onboarding resulting in Remote Command Execution (RCE)EPSS 0.6%CVE-2023-50903MEDIUMWordPress Metform Elementor Contact Form Builder plugin <= 3.4.0 - Broken Access Control vulnerabilityEPSS 0.6%CVE-2026-43639HIGHBitwarden Server < 2026.4.0 Missing Authorization via Provider ClientsEPSS 0.6%CVE-2022-46850HIGHWordPress Easy Media Replace Plugin <= 0.1.3 is vulnerable to Arbitrary File DeletionEPSS 0.6%