Fallos del tipo CWE-862
6795 resultadosCVE-2023-4198MEDIUMDolibarr ERP CRM (<= 17.0.3) Improper Access ControlEPSS 0.6%CVE-2020-36670MEDIUMNEX-Forms <= 7.7.1 - Missing Authorization on Various AJAX ActionsEPSS 0.6%CVE-2023-6965MEDIUMPods - Custom Content Types and Fields - Missing AuthorizationEPSS 0.6%CVE-2022-43417MEDIUMJenkins Katalon Plugin 1.0.32 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/ReadEPSS 0.6%CVE-2022-38512MEDIUMThe Translation module in Liferay Portal v7.4.3.12 through v7.4.3.36, and Liferay DXP 7.4 update 8 through 36 does not check permissions befEPSS 0.6%CVE-2024-31343HIGHWordPress MP3 Audio Player for Music, Radio & Podcast by Sonaar plugin <= 4.10.1 - Arbitrary File Download vulnerabilityEPSS 0.6%CVE-2024-53805HIGHWordPress WP Mailster plugin <= 1.8.16.0 - Broken Access Control vulnerabilityEPSS 0.6%CVE-2023-25048MEDIUMWordPress Fantastic Content Protector Free plugin <= 2.6 - Broken Access Control vulnerabilityEPSS 0.6%CVE-2024-55876MEDIUMXWiki's scheduler in subwiki allows scheduling operations for any main wiki userEPSS 0.6%CVE-2021-42062—SAP ERP HCM Portugal does not perform necessary authorization checks for a report that reads the payroll data of employees in a certain areaEPSS 0.6%CVE-2023-51353MEDIUMWordPress Popup by Supsystic plugin <= 1.10.19 - Broken Access Control vulnerabilityEPSS 0.6%CVE-2024-1109MEDIUMPodlove Podcast Publisher <= 4.0.11 - Missing Authorization to Unauthenticated Data ExportEPSS 0.6%CVE-2023-2261MEDIUMWP Activity Log <= 4.5.0 - Missing Capabilities Check to User EnumerationEPSS 0.6%CVE-2023-49817HIGHWordPress Flexible Woocommerce Checkout Field Editor plugin <= 2.0.1 - Broken Access Control vulnerabilityEPSS 0.6%CVE-2025-3949MEDIUMWebsite Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode <= 6.18.15 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information ExposureEPSS 0.6%CVE-2024-1352MEDIUMClassified Listing – Classified ads & Business Directory Plugin <= 3.0.4 - Missing AuthorizationEPSS 0.6%CVE-2022-43472MEDIUMWordPress eRoom plugin <= 1.4.6 - Broken Access Control vulnerabilityEPSS 0.6%CVE-2024-32730MEDIUMMissing authorization check in SAP Enable Now ManagerEPSS 0.6%CVE-2023-6955MEDIUMMissing Authorization in GitLabEPSS 0.6%CVE-2025-32253MEDIUMWordPress Course Booking System Plugin <= 6.1 - Broken Access Control vulnerabilityEPSS 0.6%