Fallos del tipo CWE-862
6811 resultadosCVE-2024-3546MEDIUMWordPress Backup & Migration <= 1.4.8 - Missing Authorization to Directory TraversalEPSS 0.5%CVE-2022-41807MEDIUMMissing authorization vulnerability exists in Kyocera Document Solutions MFPs and printers, which may allow a network-adjacent attacker to aEPSS 0.5%CVE-2026-0488CRITICALCode Injection vulnerability in SAP CRM and SAP S/4HANA (Scripting Editor)EPSS 0.5%CVE-2024-0617MEDIUMCategory Discount Woocommerce <= 4.12 - Missing Authorization via wpcd_save_discount()EPSS 0.5%CVE-2024-11443HIGHde:branding <= 1.0.2 - Authenticated (Subscriber+) Arbitrary Options UpdateEPSS 0.5%CVE-2026-26268HIGHCursor sandbox escape via Git hooksEPSS 0.5%CVE-2023-25457MEDIUMWordPress Slider Carousel – Responsive Image Slider plugin <=1.5.1 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-28689MEDIUMWordPress JS Job Manager plugin <= 2.0.0 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-53803MEDIUMWordPress WP Mailster plugin <= 1.8.16.0 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2026-31242CRITICALThe mem0 v1.0.0 server lacks authentication and authorization controls for its memory reset functionality accessible via the DELETE /memorieEPSS 0.5%CVE-2026-40976CRITICALIn certain circumstances, Spring Boot's default web security is ineffective allowing unauthorized access to all endpoints. For an applicatioEPSS 0.5%CVE-2023-27608MEDIUMWordPress Points and Rewards for WooCommerce plugin <= 1.5.0 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-4660MEDIUMMissing Authorization in GitLabEPSS 0.5%CVE-2023-47648HIGHWordPress EazyDocs plugin <= 2.3.5 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2022-36912MEDIUMA missing permission check in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an aEPSS 0.5%CVE-2024-43122MEDIUMWordPress Robin image optimizer plugin <= 1.6.9 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-49818MEDIUMWordPress Webflow Pages plugin <= 1.0.8 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2026-4031HIGHDatabase Backup for WordPress <= 2.5.2 - Missing Authorization to Unauthenticated Database Backup InterceptionEPSS 0.5%CVE-2024-42434MEDIUMZoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Missing AuthorizationEPSS 0.5%CVE-2024-37470HIGHWordPress Woffice Core plugin <= 5.4.8 - Unauthenticated Broken Access Control vulnerabilityEPSS 0.5%