Fallos del tipo CWE-862
6901 resultadosCVE-2024-54354MEDIUMWordPress Termin-Kalender plugin <= 0.99.47 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-67939MEDIUMWordPress Tickera plugin <= 3.5.6.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-34800HIGHWordPress Crafthemes Demo Import plugin <= 3.3 - Arbitrary plugin Installation vulnerabilityEPSS 0.3%CVE-2024-32701MEDIUMWordPress InstaWP Connect plugin <= 0.1.0.24 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-35723MEDIUMWordPress Dashboard To-Do List plugin <= 1.2.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-10326MEDIUMRomethemeKit For Elementor <= 1.5.3 - Missing Authorization in save_options and reset_widgetsEPSS 0.3%CVE-2023-51679MEDIUMWordPress BulkGate SMS Plugin for WooCommerce plugin <= 3.0.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-56219MEDIUMWordPress Widget Options plugin <= 4.0.6.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-51671MEDIUMWordPress FunnelKit Checkout plugin <= 3.10.3 - Authenticated Plugin Settings Change vulnerabilityEPSS 0.3%CVE-2026-40474HIGHwger has Broken Access Control in the Global Gym Configuration Update EndpointEPSS 0.3%CVE-2024-8667MEDIUMHurryTimer – An Scarcity and Urgency Countdown Timer for WordPress & WooCommerce <= 2.10.0 - Missing Authorization to Authenticated (Contributor+) Arbitrary Post PublicationEPSS 0.3%CVE-2024-1438HIGHWordPress Rolo Slider plugin <= 1.0.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-32094MEDIUMWordPress Extended Post Status plugin <= 1.0.19 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-52485MEDIUMWordPress WP Menu Image plugin <= 2.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-54040MEDIUMWordPress Webba Booking <= 5.1.20 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2024-12026MEDIUMMessage Filter for Contact Form 7 <= 1.6.3 - Missing Authorization to Authenticated (Subscriber+) New Filter CreationEPSS 0.3%CVE-2023-31234MEDIUMWordPress Tilda Publishing plugin <= 0.3.23 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-12712MEDIUMShopping Cart & eCommerce Store <= 5.7.8 - Missing Authorization to Order UpdatesEPSS 0.3%CVE-2026-13459MEDIUMJetFormBuilder <= 3.6.3 - Missing Authorization to Unauthenticated Sensitive Information Disclosure via 'context' ParameterEPSS 0.3%CVE-2026-7552MEDIUMGeo Mashup <= 1.13.19 - Missing Authorization to Unauthenticated Plugin Settings Disclosure via 'geo_mashup_content' ParameterEPSS 0.3%