Fallos del tipo CWE-862
6955 resultadosCVE-2024-47337MEDIUMWordPress Joy Of Text Lite plugin <= 2.3.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-10648MEDIUMLogin with YourMembership - YM SSO Login <= 1.1.7 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'moym_display_test_attributes'EPSS 0.3%CVE-2024-37544MEDIUMWordPress Get Better Reviews for WooCommerce plugin <= 4.0.6 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-56244MEDIUMWordPress Ashe Extra plugin <= 1.2.92 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-4088MEDIUMGutenberg Blocks and Page Layouts – Attire Blocks <= 1.9.2 - Missing AuthorizationEPSS 0.3%CVE-2025-14720MEDIUMBooking for Appointments and Events Calendar – Amelia <= 1.2.38 - Missing Authorization to Unauthenticated Multiple AJAX ActionsEPSS 0.3%CVE-2025-62906MEDIUMWordPress Referral Link Tracker plugin <= 1.1.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-69385MEDIUMWordPress Cartify - WooCommerce Gutenberg WordPress Theme theme <= 1.3 - Arbitrary Content Deletion vulnerabilityEPSS 0.3%CVE-2026-22663HIGHprompts.chat Authorization Bypass Information DisclosureEPSS 0.3%CVE-2025-54002MEDIUMWordPress xSmart theme <= 1.2.9.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-31876MEDIUMWordPress Payday plugin <= 3.3.18 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-28038MEDIUMWordPress Ultimate Addons for WPBakery Page Builder plugin <= 3.21.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-56217MEDIUMWordPress Download Manager plugin <= 3.3.03 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-30960HIGHWordPress FS Poster plugin <= 6.5.8 - Subscriber+ Site Wide Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-49907MEDIUMWordPress MDTF plugin <= 1.3.3.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-22363MEDIUMWordPress Allada T-shirt Designer for Woocommerce plugin <= 1.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-33684MEDIUMWordPress Save as PDF plugin by Pdfcrowd plugin <= 3.2.0 - Broken Access Control to Stored XSS vulnerabilityEPSS 0.3%CVE-2026-40793MEDIUMWordPress Groundhogg plugin < 4.4.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-13769MEDIUMPuzzles | WP Magazine / Review with Store WordPress Theme + RTL <= 4.2.4 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2026-40794MEDIUMWordPress myCred plugin <= 3.0.3 - Broken Access Control vulnerabilityEPSS 0.3%