Fallos del tipo CWE-862
6794 resultadosCVE-2023-0684MEDIUMWicked Folders <= 2.18.16 - Missing Authorization via ajax_unassign_foldersEPSS 0.6%CVE-2023-0713MEDIUMWicked Folders <= 2.18.16 - Missing Authorization on ajax_add_folderEPSS 0.6%CVE-2023-0717MEDIUMWicked Folders <= 2.18.16 - Missing Authorization via ajax_delete_folderEPSS 0.6%CVE-2023-1026MEDIUMWP Meta SEO <= 4.5.3 - Missing Authorization in 'listPostsCategory'EPSS 0.6%CVE-2023-0716MEDIUMWicked Folders <= 2.18.16 - Missing Authorization on ajax_edit_folderEPSS 0.6%CVE-2023-0711MEDIUMWicked Folders <= 2.18.16 - Missing Authorization via ajax_save_stateEPSS 0.6%CVE-2023-33324MEDIUMWordPress Easy Captcha plugin <= 1.0 - Broken Access Control vulnerabilityEPSS 0.6%CVE-2023-34019MEDIUMWordPress Uncanny Toolkit for LearnDash plugin <= 3.6.4.3 - Broken Access Control vulnerabilityEPSS 0.6%CVE-2025-23862MEDIUMWordPress Contact Form 7 Anti Spambot plugin <= 1.0.1 - Broken Access Control vulnerabilityEPSS 0.6%CVE-2023-37910HIGHorg.xwiki.platform:xwiki-platform-attachment-api vulnerable to Missing Authorization on Attachment MoveEPSS 0.6%CVE-2023-48277MEDIUMWordPress Super Progressive Web Apps plugin <= 2.2.21 - Broken Access Control vulnerabilityEPSS 0.6%CVE-2024-12553MEDIUMGeoVision GV-ASManager Missing Authorization Information Disclosure VulnerabilityEPSS 0.6%CVE-2023-1169MEDIUMOoohBoi Steroids for Elementor <= 2.1.4 - Missing Authorization leading to Authenticated (Subscriber+) Image UploadEPSS 0.6%CVE-2024-3312MEDIUMEasy Custom Auto Excerpt <= 2.4.12 - Sensitive Information ExposureEPSS 0.6%CVE-2025-11705MEDIUMAnti-Malware Security and Brute-Force Firewall <= 4.23.81 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File ReadEPSS 0.6%CVE-2025-11702HIGHMissing Authorization in GitLabEPSS 0.6%CVE-2023-2086MEDIUMEssential Blocks <= 4.0.6 - Missing Authorization via template_countEPSS 0.6%CVE-2022-4932MEDIUMTotal Upkeep <= 1.14.13 - Missing Authorization to Authenticated (Subscriber+) Information DisclosureEPSS 0.6%CVE-2025-70150CRITICALCodeAstro Membership Management System 1.0 contains a missing authentication vulnerability in delete_members.php that allows unauthenticatedEPSS 0.6%CVE-2023-2268HIGHPlane v0.7.1 - Unauthorized access to filesEPSS 0.6%