Fallos del tipo CWE-862
6850 resultadosCVE-2024-4858MEDIUMTestimonial Carousel For Elementor <= 10.2.0 - Missing Authorization to Limited Setting UpdateEPSS 0.4%CVE-2026-4650MEDIUMFundPress <= 2.0.8 - Missing Authorization to Unauthenticated Arbitrary Donation Status Modification via donate_action_status AJAX HandlerEPSS 0.4%CVE-2024-31276MEDIUMWordPress Products, Order & Customers Export for WooCommerce plugin <= 2.0.8 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-30539MEDIUMWordPress Awesome Support plugin <= 6.1.7 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-3550MEDIUMRockPress <= 1.0.17 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Modification via AJAX ActionsEPSS 0.4%CVE-2024-35735MEDIUMWordPress WP Time Slots Booking Form plugin <= 1.2.11 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-0619MEDIUMPayflex Payment Gateway <= 2.5.0 - Missing Authorization to Order Status UpdateEPSS 0.4%CVE-2023-2791MEDIUMPlaybooks lets you edit arbitrary postsEPSS 0.4%CVE-2025-31691CRITICALOAuth2 Server - Moderately critical - Access bypass - SA-CONTRIB-2025-020EPSS 0.4%CVE-2022-45819LOWWordPress Popup Maker plugin <= 1.17.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-47847MEDIUMWordPress PayTR Taksit Tablosu plugin <= 1.3.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-49835MEDIUMWordPress Post Duplicator plugin <= 2.31 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-8199MEDIUMReviews Feed – Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor, and More <= 1.1.2 - Missing Authorization to Authenticated (Subscriber+) Limited Settings UpdateEPSS 0.4%CVE-2023-47832MEDIUMWordPress SearchIQ plugin <= 4.4 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-31681CRITICALAuthenticator Login - Critical - Access bypass - SA-CONTRIB-2025-009EPSS 0.4%CVE-2024-7045MEDIUMImproper Access Control in open-webui/open-webuiEPSS 0.4%CVE-2026-9284HIGHWooCommerce PayPal Payments <= 4.0.1 - Missing Authorization to Unauthenticated Order Manipulation and Information DisclosureEPSS 0.4%CVE-2026-43575CRITICALOpenClaw 2026.2.21 < 2026.4.10 - Authentication Bypass in Sandbox noVNC Helper RouteEPSS 0.4%CVE-2025-42955LOWMissing authorization check in SAP Cloud ConnectorEPSS 0.4%CVE-2024-7046MEDIUMImproper Access Control in open-webui/open-webuiEPSS 0.4%