Fallos del tipo CWE-862
6842 resultadosCVE-2023-2555MEDIUMWPCS – WordPress Currency Switcher Professional <= 1.1.9 - Missing Authorization to Custom Drop-Down Currency Switcher CreationEPSS 0.4%CVE-2023-52220MEDIUMWordPress MonsterInsights plugin <= 8.21.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-50898MEDIUMWordPress Image Optimizer, Resizer and CDN – Sirv plugin <= 7.1.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-47361MEDIUMWordPress Elementor Addon Elements plugin <= 1.13.6 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-11912HIGHSimple File List <= 6.3.7 - Missing Authorization to Unauthenticated File Modification via simplefilelist_edit_job AJAX ActionEPSS 0.4%CVE-2023-40011MEDIUMWordPress Cost Calculator Builder plugin <= 3.1.42 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-6303CRITICALMissing Authorization in ConduitEPSS 0.4%CVE-2024-43136MEDIUMWordPress Sunshine Photo Cart plugin <= 3.2.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-2292HIGHAccess Control Vulnerabilities lead to Violation of Privacy and Modification of Personal DataEPSS 0.4%CVE-2025-25167HIGHWordPress BookPress – For Book Authors Plugin <= 1.2.7 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-2262HIGHLogo Slider <= 3.7.3 - Unauthenticated Arbitrary Shortcode ExecutionEPSS 0.4%CVE-2023-4245MEDIUMWooCommerce PDF Invoice Builder <= 1.2.89 - Missing Authorization to Sensitive Information ExposureEPSS 0.4%CVE-2023-5712MEDIUMSystem Dashboard <= 2.8.7 - Missing Authorization to Information Disclosure (sd_global_value)EPSS 0.4%CVE-2024-12071MEDIUMEvergreen Content Poster – Auto Post and Schedule Your Best Content to Social Media <= 1.4.4 - Missing Authorization to Unauthenticated Arbitrary Post DeletionEPSS 0.4%CVE-2024-54252MEDIUMWordPress Pinpoint Booking System Plugin <= 2.9.9.5.7 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-37232HIGHWordPress Hercules Core plugin <= 6.5 - Subscriber+ Arbitrary Settings Change/Access vulnerabilityEPSS 0.4%CVE-2026-4283CRITICALWP DSGVO Tools (GDPR) <= 3.1.38 - Missing Authorization to Unauthenticated Account Destruction of Non-Admin UsersEPSS 0.4%CVE-2024-32810HIGHWordPress ShortPixel Critical CSS plugin <= 1.0.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-1716MEDIUMAdmin Bar Remover <= 1.0.2.2 - Missing Authorization to Authenticated (Subscriber+) Settings UpdateEPSS 0.4%CVE-2024-3243MEDIUMCustomer Reviews for WooCommerce <= 5.46.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Email SendingEPSS 0.4%