Fallos del tipo CWE-862
6883 resultadosCVE-2024-6709MEDIUMSync Post With Other Site <= 1.6 - Missing Authorization to Authenticated (Subscriber+) Post Creation and UpdateEPSS 0.3%CVE-2025-26958HIGHWordPress JetBlog plugin <= 2.4.3 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2023-6883MEDIUMEasy Social Feed <= 6.5.2 - Missing Authorization to Settings ModificationEPSS 0.3%CVE-2024-31267MEDIUMWordPress Flexible Checkout Fields for WooCommerce plugin <= 4.1.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-1249MEDIUMWordPress Events Manager plugin <= 6.6.4.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-30484MEDIUMWordPress RT Easy Builder plugin <= 2.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-6964MEDIUMVideo Conferencing with Zoom <= 4.6.7 - Missing Authorization to Unauthenticated Zoom SDK Credential Exposure via 'get_auth' AJAX ActionEPSS 0.3%CVE-2026-0832HIGHNew User Approve <= 3.2.2 - Missing Authorization to Unauthenticated Arbitrary User Approval, Denial, and Information DisclosureEPSS 0.3%CVE-2025-0526LOWIn affected versions of Octopus Deploy it was possible to upload files to unexpected locations on the host using an API endpoint. The field EPSS 0.3%CVE-2025-69015LOWWordPress Crowdsignal Forms plugin <= 1.7.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-5347MEDIUMWP Books Gallery <= 4.8.0 - Missing Authorization to Unauthenticated Settings Update via 'permalink_structure' ParameterEPSS 0.3%CVE-2026-26236MEDIUMQuMagieEPSS 0.3%CVE-2025-23957MEDIUMWordPress Sur.ly plugin <= 3.0.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-22730MEDIUMWordPress Ksher plugin <= 1.1.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-2784MEDIUMApps Framework allows install requests from regular members via an internal pathEPSS 0.3%CVE-2024-9824MEDIUMImagePress - Image Gallery <= 1.2.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion and Post Title UpdateEPSS 0.3%CVE-2025-58207HIGHWordPress Ai Image Alt Text Generator for WP Plugin <= 1.1.5 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-26237MEDIUMQuMagieEPSS 0.3%CVE-2024-50428MEDIUMWordPress Multi Step Form plugin <= 1.7.21 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-11620HIGHMultiple Roles per User <= 1.0 - Missing Authorization to Authenticated (Custom+) Privilege EscalationEPSS 0.3%