Fallos del tipo CWE-862
6883 resultadosCVE-2024-8369MEDIUMEventPrime <= 4.0.4.3 - Missing Authorization to Unauthenticated Private or Password-Protected Events DisclosureEPSS 0.3%CVE-2024-1324MEDIUMQQWorld Auto Save Images <= 1.9.8 - Missing Authorization to Arbitrary Post Content RetrievalEPSS 0.3%CVE-2024-12821HIGHMedia Manager for UserPro <= 3.12.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options UpdateEPSS 0.3%CVE-2025-6721MEDIUMVchasno Kasa <= 1.0.3 - Missing Authorization to Unauthenticated Invoice GenerationEPSS 0.3%CVE-2025-9054CRITICALMultiLoca - WooCommerce Multi Locations Inventory Management <= 4.2.8 - Missing Authorization to Unauthenticated Arbitrary Options Update via 'wcmlim_settings_ajax_handler'EPSS 0.3%CVE-2023-6504MEDIUMProfile Builder <= 3.10.7 - Insecure Direct Object Reference to Sensitive Information Exposure via user_meta ShortcodeEPSS 0.3%CVE-2022-3538MEDIUMWebmaster Tools Verification <= 1.2 - Unauthenticated Arbitrary Plugin DeactivationEPSS 0.3%CVE-2023-6007HIGHUserPro <= 5.1.1 - Missing Authorization via multiple functionsEPSS 0.3%CVE-2026-5371HIGHMonsterInsights <= 10.1.2 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure And Plugin Integration ResetEPSS 0.3%CVE-2024-43229MEDIUMWordPress WP Search Analytics plugin <= 1.4.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-31872MEDIUMWordPress WP Clone any post type Plugin <= 3.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-24751MEDIUMWordPress CoBlocks plugin <= 3.1.13 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-22608MEDIUMCoolify Vulnerable to Revocation of Arbitrary Team Invitations (DOS)EPSS 0.3%CVE-2026-54415HIGHBroken Access Control in Azuriom CMS Server Routes Allows Account TakeoverEPSS 0.3%CVE-2024-53798MEDIUMWordPress FloristPress plugin <= 7.3.0 - Nonce Leakage to Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-31794MEDIUMWordPress WR Price List Manager For Woocommerce plugin <= 1.0.8 - Arbitrary Content Deletion vulnerabilityEPSS 0.3%CVE-2025-31066MEDIUMWordPress Acerola theme <= 1.6.5 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-32268HIGHAzure Blob Storage for Craft CMS Potential Sensitive Information Disclosure vulnerabilityEPSS 0.3%CVE-2026-4916LOWMissing Authorization in GitLabEPSS 0.3%CVE-2024-43937MEDIUMWordPress WP Crowdfunding plugin <= 2.1.10 - Settings Change vulnerabilityEPSS 0.3%