Fallos del tipo CWE-862
6841 resultadosCVE-2023-41664MEDIUMWordPress Easy Newsletter Signups plugin <= 1.0.4 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-0845HIGHWCFM - WooCommerce Frontend Manager <= 6.7.24 - Authenticated (Shop Manager+) Arbitrary Options UpdateEPSS 0.4%CVE-2026-39429HIGHkcp's cache server is accessible without authentication or authorization checksEPSS 0.4%CVE-2024-5087MEDIUMMinimal Coming Soon – Coming Soon Page <= 2.38 - Missing Authorization to Limited Settings ChangeEPSS 0.4%CVE-2024-43274MEDIUMWordPress JS Help Desk – The Ultimate Help Desk plugin <= 2.8.6 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-2844MEDIUMEasy Appointments <= 3.11.18 - Insufficient AuthorizationEPSS 0.4%CVE-2024-9586MEDIUMLinkz.ai <= 1.1.8 - Missing Authorization to Unauthenticated Plugin Settings UpdateEPSS 0.4%CVE-2024-33558MEDIUMWordPress XStore Core plugin <= 5.3.5 - Limited Arbitrary File Download vulnerabilityEPSS 0.4%CVE-2024-43982HIGHWordPress Login As Users plugin <= 1.4.3 - Broken Access Control to Account Takeover vulnerabilityEPSS 0.4%CVE-2025-30880HIGHWordPress JS Help Desk plugin <= 2.9.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-30797HIGHWordPress Greek Multi Tool – Fix peralinks, accents, auto create menus and more plugin <= 2.3.1 - Broken Access Control VulnerabilityEPSS 0.4%CVE-2026-3614HIGHAcyMailing 9.11.0 - 10.8.1 - Missing Authorization to Authenticated (Subscriber+) Privilege EscalationEPSS 0.4%CVE-2025-5486CRITICALWP Email Debug 1.0 - 1.1.0 - Missing Authorization to Unauthenticated Privilege Escalation via Password ResetEPSS 0.4%CVE-2023-29433MEDIUMWordPress tencentcloud-cos plugin <= 1.0.7 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-12190MEDIUMContact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder <= 2.17.3 - Missing Authorization to Authenticated (Subscriber+) Form Submission DisclosureEPSS 0.4%CVE-2023-2555MEDIUMWPCS – WordPress Currency Switcher Professional <= 1.1.9 - Missing Authorization to Custom Drop-Down Currency Switcher CreationEPSS 0.4%CVE-2024-33561HIGHWordPress XStore theme <= 9.3.8 - Unauthenticated Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-57899MEDIUMWordPress WP Compress Plugin <= 6.50.54 - Broken Access Control VulnerabilityEPSS 0.4%CVE-2024-13800HIGHPopup Plugin For WordPress - ConvertPlus <= 3.5.30 - Missing Authorization to Authenticated (Subscriber+) Limited Options UpdateEPSS 0.4%CVE-2025-39482MEDIUMWordPress Eventer plugin < 3.11.4 - Broken Access Control vulnerabilityEPSS 0.4%