Fallos del tipo CWE-862
6813 resultadosCVE-2024-30477MEDIUMWordPress Klarna Payments for WooCommerce plugin <= 3.2.4 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-6600HIGHOMGF | GDPR/DSGVO Compliant, Faster Google Fonts. Easy. <= 5.7.9 - Missing Authorization to Unauthenticated Directory Deletion and Cross-Site ScriptingEPSS 0.5%CVE-2023-24407MEDIUMWordPress Booking calendar, Appointment Booking System plugin <= 3.2.3 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-25791MEDIUMWordPress Fontiran plugin <= 2.1 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-12922CRITICALAltair <= 5.2.4 - Unauthenticated Arbitrary Options Update via pp_import_currentEPSS 0.5%CVE-2023-33994MEDIUMWordPress Slimstat Analytics plugin <= 5.0.5.1 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-53816MEDIUMWordPress Tutor LMS Elementor Addons plugin <= 2.1.5 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2022-2543—Visual Portfolio < 2.18.0 - Unauthenticated CSS InjectionEPSS 0.5%CVE-2025-21514MEDIUMVulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are EPSS 0.5%CVE-2025-3746CRITICALOTP-less one tap Sign in 2.0.14 - 2.0.59 - Unauthenticated Arbitrary Email Update to Account Takeover/Privilege EscalationEPSS 0.5%CVE-2023-50899MEDIUMWordPress Product Catalog Enquiry for WooCommerce by MultiVendorX plugin <= 5.0.2 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2025-13313CRITICALCRM Memberships <= 2.6 - Missing Authorization to Privilege Escalation via Unauthenticated Password Reset in 'ntzcrm_changepassword' AJAX EndpointEPSS 0.5%CVE-2024-54271MEDIUMWordPress WPCargo Track & Trace plugin <= 8.0.2 - Settings Change vulnerabilityEPSS 0.5%CVE-2024-54310MEDIUMWordPress Gou Manage My Account Menu plugin <= 1.0.1.8 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2022-41698MEDIUMWordPress If Menu – Visibility control for Menus plugin <= 0.16.3 - Broken Access ControlEPSS 0.5%CVE-2024-54311MEDIUMWordPress Mark New Posts plugin <= 7.5.1 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-48750MEDIUMWordPress Void Elementor Post Grid Addon for Elementor Page builder plugin <= 2.1.10 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-44149MEDIUMWordPress Brands for WooCommerce plugin <= 3.8.2.2 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-49832MEDIUMWordPress Site Reviews plugin <= 6.10.2 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-27309MEDIUMA vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.2). The client query handler of the affected application fails EPSS 0.5%