Fallos del tipo CWE-862
6846 resultadosCVE-2024-31244CRITICALWordPress Bricksforge plugin <= 2.0.17 - Unauthenticated Arbitrary WordPress Settings Change vulnerabilityEPSS 0.4%CVE-2024-37226MEDIUMWordPress Kanban Boards for WordPress plugin <= 2.5.21 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-13813MEDIUMmoxi159753 Mogu Blog v2 Storage Management Endpoint storage authorizationEPSS 0.4%CVE-2024-1385HIGHWP-Stateless – Google Cloud Storage <= 3.4.0 - Missing Authorization to Limited Arbitrary Options UpdateEPSS 0.4%CVE-2026-7051MEDIUMBlog2Social: Social Media Auto Post & Scheduler <= 8.9.0 - Missing Authorization to Authenticated (Subscriber+) Delete Arbitrary B2S Post Records via 'postId' ParameterEPSS 0.4%CVE-2024-49325MEDIUMWordPress Photo Gallery Builder plugin <= 3.0 - Broken Access Control to Notice Dismissal vulnerabilityEPSS 0.4%CVE-2025-3124MEDIUMMissing Authorization vulnerability was identified in GitHub Enterprise Server that allowed unauthorized access to private repository namesEPSS 0.4%CVE-2024-38690MEDIUMWordPress iPanorama 360 plugin <= 1.8.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-38707MEDIUMWordPress EmbedPress plugin <= 4.0.4 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-47874MEDIUMWordPress Perfmatters Plugin <= 2.1.6 is vulnerable to Broken Access ControlEPSS 0.4%CVE-2024-34819MEDIUMWordPress MC Woocommerce Wishlist plugin <= 1.7.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-0825MEDIUMDatabase for Contact Form 7, WPforms, Elementor forms <= 1.4.5 - Missing Authorization to Unauthenticated Form Data Exfiltration via CSV ExportEPSS 0.4%CVE-2023-37886MEDIUMWordPress RealHomes theme <= 4.0.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-34821MEDIUMWordPress Contact List plugin <= 2.9.87 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-27604CRITICALFOSSBilling: Improper API Role Validation (system) Enables Unauthenticated Access to Privileged Admin FunctionsEPSS 0.4%CVE-2023-5386MEDIUMFunnelforms Free <= 3.4 - Missing Authorization to Arbitrary Post DeletionEPSS 0.4%CVE-2022-2350—Disable User Login <= 1.0.1 - Unauthenticated Settings UpdateEPSS 0.4%CVE-2025-57961MEDIUMWordPress CoDesigner plugin <= 4.29 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-5685HIGHBroken Function Level Authorization (BFLA) in snipe/snipe-itEPSS 0.4%CVE-2023-49859MEDIUMWordPress Login With Ajax plugin <= 4.1 - Broken Access Control vulnerabilityEPSS 0.4%