Fallos del tipo CWE-862
6794 resultadosCVE-2023-30532MEDIUMA missing permission check in Jenkins TurboScript Plugin 1.3 and earlier allows attackers with Item/Read permission to trigger builds of jobEPSS 0.6%CVE-2025-27666CRITICALVasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Insufficient Authorization Checks OEPSS 0.6%CVE-2023-37967MEDIUMWordPress DirectoryPress plugin <= 3.6.2 - Unauthenticated Broken Access Control VulnerabilityEPSS 0.6%CVE-2025-23514MEDIUMWordPress Loginplus plugin <= 1.2 - Broken Access Control vulnerabilityEPSS 0.6%CVE-2025-46348CRITICALYesWiki Vulnerable to Unauthenticated Site Backup Creation and DownloadEPSS 0.6%CVE-2024-10813MEDIUMProduct Table for WooCommerce by CodeAstrology (wooproducttable.com) <= 3.5.1 - Information ExposureEPSS 0.6%CVE-2020-36837CRITICALThemeGrill Demo Importer 1.3.4 - 1.6.1 - Authorization Bypass to Site ResetEPSS 0.6%CVE-2025-7695HIGHDataverse Integration 2.77 - 2.81 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation via reset_password_link REST RouteEPSS 0.6%CVE-2024-32948CRITICALWordPress ARMember – Membership Plugin plugin <= 4.0.28 - Broken Access Control vulnerabilityEPSS 0.6%CVE-2023-0293MEDIUMMediamatic – Media Library Folders <= 2.8.1 - Missing AuthorizationEPSS 0.6%CVE-2023-2083MEDIUMEssential Blocks <= 4.0.6 - Missing Authorization via saveEPSS 0.6%CVE-2024-33597HIGHWordPress SSU plugin <= 1.5.0 - Broken Access Control vulnerabilityEPSS 0.6%CVE-2024-12535HIGHHost PHP Info <= 1.0.4 - Missing Authorization to Unauthenticated Sensitive Information DisclosureEPSS 0.6%CVE-2022-41271CRITICALAn unauthenticated user can attach to an open interface exposed through JNDI by the Messaging System of SAP NetWeaver Process Integration (PEPSS 0.6%CVE-2024-33635HIGHWordPress Piotnet Addons For Elementor Pro plugin <= 7.1.17 - Unauthenticated Arbitrary Post/Page Deletion vulnerabilityEPSS 0.6%CVE-2023-6158MEDIUMEventON - WordPress Virtual Event Calendar Plugin Pro <= 4.5.4 & Free <= 2.2.7 - Missing Authorization to Arbitrary Post Meta Update via evo_eventpost_update_metaEPSS 0.6%CVE-2022-45385HIGHA missing permission check in Jenkins CloudBees Docker Hub/Registry Notification Plugin 2.6.2 and earlier allows unauthenticated attackers tEPSS 0.6%CVE-2024-3287MEDIUMSmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer <= 3.10.2 - Missing AuthorizationEPSS 0.6%CVE-2024-3678MEDIUMBlog2Social: Social Media Auto Post & Scheduler <= 7.4.2 - Information ExposureEPSS 0.6%CVE-2025-53640MEDIUMIndico vulnerable to user enumeration via API endpointEPSS 0.6%