Flaws of type CWE-862

6845 results
CVE-2023-32299 | MEDIUM | WordPress Ni WooCommerce Sales Report plugin <= 3.7.3 - Broken Access Control vulnerability | EPSS 0.4%
CVE-2020-36702 | MEDIUM | Spectra – WordPress Gutenberg Blocks <= 1.14.7 - Missing Authorization | EPSS 0.4%
CVE-2024-39592 | HIGH | [CVE-2024-39592] Missing Authorization check in SAP PDCE | EPSS 0.4%
CVE-2021-25011 | WP Google Map < 1.8.1 - Subscriber+ Arbitrary Post Deletion and Plugin's Settings Update | EPSS 0.4%
CVE-2023-51682 | MEDIUM | WordPress MC4WP plugin <= 4.9.9 - Broken Access Control vulnerability | EPSS 0.4%
CVE-2023-44113 | HIGH | Vulnerability of missing permission verification for APIs in the Designed for Reliability (DFR) module. Successful exploitation of this vuln | EPSS 0.4%
CVE-2024-32601 | MEDIUM | WordPress Popup Anything plugin <= 2.8 - Broken Access Control vulnerability | EPSS 0.4%
CVE-2023-23344 | LOW | HCL BigFix WebUI Insights is susceptible to a lack of sufficient authorization | EPSS 0.4%
CVE-2024-11323 | HIGH | AI Quiz | Quiz Maker <= 1.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update | EPSS 0.4%
CVE-2023-31073 | MEDIUM | WordPress Shortcode to display post and user data plugin <= 1.2.0 - Broken Access Control vulnerability | EPSS 0.4%
CVE-2023-4282 | MEDIUM | EmbedPress <= 3.8.2 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Delete via admin_post_remove and remove_private_data | EPSS 0.4%
CVE-2024-38771 | MEDIUM | WordPress Atarim plugin <= 4.0 - Broken Access Control vulnerability | EPSS 0.4%
CVE-2024-43235 | HIGH | WordPress Meta Box plugin <= 5.9.10 - Broken Access Control vulnerability | EPSS 0.4%
CVE-2024-43209 | MEDIUM | WordPress Bitly's WordPress Plugin plugin <= 2.7.2 - Broken Access Control vulnerability | EPSS 0.4%
CVE-2024-1844 | MEDIUM | RevivePress – Keep your Old Content Evergreen <= 1.5.6 - Missing Authorization | EPSS 0.4%
CVE-2025-15406 | MEDIUM | PHPGurukul Online Course Registration authorization | EPSS 0.4%
CVE-2023-25993 | MEDIUM | WordPress Top 10 – Popular posts plugin for WordPress plugin <= 3.2.3 - Broken Access Control vulnerability | EPSS 0.4%
CVE-2024-36113 | MEDIUM | Discourse missing authorization checks for suspending admins/moderators | EPSS 0.4%
CVE-2024-10003 | MEDIUM | Rover IDX <= 3.0.0.2903 - Authenticated (Subscriber+) Missing Authorization via Multiple Functions | EPSS 0.4%
CVE-2026-33950 | CRITICAL | signalk-server: Privilege Escalation by Admin Role Injection via /enableSecurity | EPSS 0.4%