Fallos del tipo CWE-862
6816 resultadosCVE-2023-36815HIGHSealos billing system permission control defectEPSS 0.5%CVE-2023-48274MEDIUMWordPress WCMultiShipping plugin <= 2.3.5 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-2716MEDIUMGroundhogg <= 2.7.9.8 - Missing Authorization to Non-Arbitrary File UploadEPSS 0.5%CVE-2023-3403MEDIUMProfileGrid <= 5.5.1 - Missing Authorization to User ImportEPSS 0.5%CVE-2025-24705MEDIUMWordPress WooCommerce Quick View plugin <= 1.1.1 - Sensitive Data Exposure vulnerabilityEPSS 0.5%CVE-2024-9189MEDIUMEU/UK VAT Manager for WooCommerce <= 2.12.12 - Missing AuthorizationEPSS 0.5%CVE-2023-4469MEDIUMProfile Extra Fields by BestWebSoft <= 1.2.7 - Missing Authorization to Sensitive Information ExposureEPSS 0.5%CVE-2025-1021HIGHMissing authorization vulnerability in synocopy in Synology DiskStation Manager (DSM) before 7.1.1-42962-8, 7.2.1-69057-7 and 7.2.2-72806-3 EPSS 0.5%CVE-2025-54943CRITICALSUNNET Corporate Training Management System - Missing AuthorizationEPSS 0.5%CVE-2024-33594HIGHWordPress Leaky Paywall plugin <= 4.20.8 - Price Manipulation vulnerabilityEPSS 0.5%CVE-2024-5940MEDIUMGiveWP – Donation Plugin and Fundraising Platform <= 3.13.0 - Missing Authorization to Unauthenticated Event Settings UpdateEPSS 0.5%CVE-2023-47826MEDIUMWordPress Restaurant & Cafe Addon for Elementor plugin <= 1.5.3 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-53923CRITICALUliCMS 2023.1 Privilege Escalation via Unauthenticated Admin Account CreationEPSS 0.5%CVE-2024-3553MEDIUMTutor LMS <= 2.6.2 - Missing Authorization to Unauthenticated Limited Options UpdateEPSS 0.5%CVE-2022-41790MEDIUMWordPress WP Time Slots Booking Form Plugin <= 1.1.76 is vulnerable to Broken Access ControlEPSS 0.5%CVE-2024-33589MEDIUMWordPress KB Support plugin <= 1.6.0 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2021-38164MEDIUMSAP ERP Financial Accounting (RFOPENPOSTING_FR) versions - SAP_APPL - 600, 602, 603, 604, 605, 606, 616, SAP_FIN - 617, 618, 700, 720, 730, EPSS 0.5%CVE-2023-2275MEDIUMWooCommerce Multivendor Marketplace – REST API <= 1.5.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Order/Order Note Disclosure, Order Note Addition via REST APIEPSS 0.5%CVE-2025-39513MEDIUMWordPress ActiveDEMAND plugin <= 0.2.46 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-39312CRITICALWordPress Avada theme <= 7.11.1 - Auth. Unrestricted Zip Extraction vulnerabilityEPSS 0.5%