Fallos del tipo CWE-862
6802 resultadosCVE-2023-30526MEDIUMA missing permission check in Jenkins Report Portal Plugin 0.5 and earlier allows attackers with Overall/Read permission to connect to an atEPSS 0.5%CVE-2023-5054MEDIUMSuper Store Finder <= 6.9.3 - Unauthenticated Email Creation/SendingEPSS 0.5%CVE-2025-3960MEDIUMwithstars Books-Management-System Background Interface allreaders.html authorizationEPSS 0.5%CVE-2025-3963MEDIUMwithstars Books-Management-System Background Interface list authorizationEPSS 0.5%CVE-2024-53591CRITICALAn issue in the login page of Seclore v3.27.5.0 allows attackers to bypass authentication via a brute force attack.EPSS 0.5%CVE-2023-25037MEDIUMWordPress Booking Calendar Contact Form plugin <= 1.2.34 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-6638MEDIUMGTG Product Feed for Shopping <= 1.2.4 - Missing Authorization to Unauthenticated Plugin Settings UpdateEPSS 0.5%CVE-2023-25026MEDIUMWordPress PayPal Brasil para WooCommerce plugin <= 1.4.2 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2026-33229HIGHXWiki Platform affected by remote code execution with script right through unprotected Velocity scripting APIEPSS 0.5%CVE-2023-2787MEDIUMCollapsed Reply Threads APIs leak message contents from private channelsEPSS 0.5%CVE-2024-11354MEDIUMUltimate YouTube Video & Shorts Player With Vimeo <= 3.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Playlist/Video DeletionEPSS 0.5%CVE-2024-2222MEDIUMAdvanced Classifieds & Directory Pro <= 3.0.0 - Missing Authorization to Arbitrary Attachment DeletionEPSS 0.5%CVE-2025-23615MEDIUMWordPress Interactive Page Hierarchy plugin <= 1.0.1 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2025-23613MEDIUMWordPress WP Journal plugin <= 1.1 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-1023MEDIUMWP Meta SEO <= 4.5.3 - Missing Authorization in 'saveSitemapSettings'EPSS 0.5%CVE-2023-1024MEDIUMWP Meta SEO <= 4.5.3 - Missing Authorization in 'regenerateSitemaps'EPSS 0.5%CVE-2024-43212HIGHWordPress WpTravelly plugin <= 1.7.7 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-4124HIGHMissing Authorization in answerdev/answerEPSS 0.5%CVE-2025-52352CRITICALAikaan IoT management platform v3.25.0325-5-g2e9c59796 provides a configuration to disable user sign-up in distributed deployments by hidingEPSS 0.5%CVE-2024-1390MEDIUMPaid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.11.1 - Missing Authorization via creating_pricing_table_pageEPSS 0.5%