Fallos del tipo CWE-862
6839 resultadosCVE-2023-36528MEDIUMWordPress kk Star Ratings plugin <= 5.4.3 - Rate Manipulation due to IP Spoofing VulnerabilityEPSS 0.5%CVE-2023-41683MEDIUMWordPress TelSender plugin <= 1.14.11 - Broken Access Control + CSRF vulnerabilityEPSS 0.5%CVE-2024-33595MEDIUMWordPress Master Addons for Elementor plugin <= 2.0.5.4.1 - Broken Access Control on Duplicate Post vulnerabilityEPSS 0.5%CVE-2023-41688MEDIUMWordPress Bulk NoIndex & NoFollow Toolkit plugin <= 1.5 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-36680MEDIUMWordPress Image Regenerate & Select Crop plugin <= 7.1.0 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-41803MEDIUMWordPress BitPay Checkout for WooCommerce plugin <= 4.1.0 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2025-70146CRITICALMissing authentication in multiple administrative action scripts under /admin/ in ProjectWorlds Online Time Table Generator 1.0 allows remotEPSS 0.5%CVE-2023-41952MEDIUMWordPress Fluent Forms plugin <= 5.0.8 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-36519MEDIUMWordPress SW Product Bundles plugin <= 2.0.15 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-53298CRITICALDell PowerScale OneFS, versions 9.5.0.0 through 9.10.0.1, contains a missing authorization vulnerability in the NFS export. An unauthenticatEPSS 0.5%CVE-2023-36526MEDIUMWordPress Duplicate Post Page Menu & Custom Post Type plugin <= 2.4.1 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2026-34976CRITICALDgraph Affected by Pre-Auth Database Overwrite + SSRF + File Read via restoreTenant Missing AuthorizationEPSS 0.5%CVE-2024-5648MEDIUMLearnDash LMS - Reports Free <= 1.8.2.1 - Missing Authorization to Plugin Settings UpdateEPSS 0.5%CVE-2024-10574HIGHQuiz Maker Business, Developer, and Agency <= (Multiple Versions) - Missing Authorization to Google Sheets Integration Credentials Modification and Stored Cross-Site ScriptingEPSS 0.5%CVE-2025-28872MEDIUMWordPress Block Spam By Math Reloaded plugin <= 2.2.4 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-38385HIGHWordPress Jupiter X Core plugin <= 3.3.0 - Multiple Auth. Broken Access Control vulnerabilityEPSS 0.5%CVE-2026-45677HIGHRocket.Chat: Lack of SAML Signature Check During Logout Could Lead To DoSEPSS 0.5%CVE-2024-57682MEDIUMAn information disclosure vulnerability in the component d_status.asp of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attacEPSS 0.5%CVE-2024-5129HIGHPrivilege Escalation Vulnerability in lunary-ai/lunaryEPSS 0.4%CVE-2022-43431MEDIUMJenkins Compuware Strobe Measurement Plugin 1.0.1 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers wiEPSS 0.4%