Fallos del tipo CWE-862
6850 resultadosCVE-2026-34046HIGHLangflow: Authenticated Users Can Read, Modify, and Delete Any Flow via Missing Ownership CheckEPSS 0.4%CVE-2024-4566HIGHShopLentor <= 2.8.8 - Missing Authorization to WordPress Option ModificationEPSS 0.4%CVE-2023-47224HIGHWordPress WP Travel plugin <= 7.8.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2022-40203MEDIUMWordPress Advanced Dynamic Pricing for WooCommerce Plugin <= 4.1.5 is vulnerable to Broken Access ControlEPSS 0.4%CVE-2022-45826MEDIUMWordPress Sunshine Photo Cart plugin <= 2.9.13 - Auth. Broken Access Control vulnerabilityEPSS 0.4%CVE-2022-45352MEDIUMWordPress Betheme premium theme <= 26.6.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2022-45349MEDIUMWordPress Betheme premium theme <= 26.6.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-37872MEDIUMWordPress WooCommerce Ship to Multiple Addresses plugin <= 3.8.5 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-49680MEDIUMWordPress WP VR plugin <= 8.5.5 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-47321MEDIUMWordPress WP Datepicker plugin <= 2.1.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-41857MEDIUMWordPress Click To Tweet plugin <= 2.0.14 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-46188MEDIUMWordPress Freesoul Deactivate Plugins plugin <= 2.1.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-33908MEDIUMWordPress WidgetKit plugin <= 2.5.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-49697MEDIUMWordPress Sunshine Photo Cart plugin <= 3.2.9 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-32201MEDIUMWordPress Xpro Theme Builder Plugin <= 1.2.8.4 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-8096MEDIUMKirki <= 6.0.6 - Missing Authorization to Authenticated (Subscriber+) Sensitive Form Submission Data Exposure via 'kirki_wp_admin_get_apis' ActionEPSS 0.4%CVE-2023-5506MEDIUMImageMapper <= 1.2.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Page/Post Deletion via imgmap_delete_area_ajaxEPSS 0.4%CVE-2023-41953MEDIUMWordPress ProfilePress plugin <= 4.13.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-47358MEDIUMWordPress Popup Maker plugin <= 1.19.2 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2022-38141MEDIUMWordPress Sales Report Email for WooCommerce Plugin <= 2.8 is vulnerable to Broken Access ControlEPSS 0.4%