Flaws of type CWE-862

6802 results
CVE-2023-1024 | MEDIUM | WP Meta SEO <= 4.5.3 - Missing Authorization in 'regenerateSitemaps' | EPSS 0.5%
CVE-2025-6043 | HIGH | Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal <= 17.0 - Authenticated (Subscriber+) Arbitrary File Deletion | EPSS 0.5%
CVE-2024-1120 | MEDIUM | NextMove Lite – Thank You Page for WooCommerce & Finale Lite – Sales Countdown Timer & Discount for WooCommerce <= 2.17.0 - Missing Authorization to Unauthenticated System Information Disclosure | EPSS 0.5%
CVE-2022-43413 | MEDIUM | Jenkins Job Import Plugin 3.5 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read perm | EPSS 0.5%
CVE-2023-41866 | MEDIUM | WordPress Automatic YouTube Gallery plugin <= 2.3.3 - Broken Access Control vulnerability | EPSS 0.5%
CVE-2021-25095 | IP2Location Country Blocker < 2.26.5 - Subscriber+ Arbitrary Country Ban | EPSS 0.5%
CVE-2024-5992 | MEDIUM | Cliengo - Chatbot <= 3.0.2 - Missing Authorization to Unauthenticated Chatbot Settings Update | EPSS 0.5%
CVE-2022-45356 | MEDIUM | WordPress Betheme premium theme <= 26.6.1 - Broken Access Control vulnerability | EPSS 0.5%
CVE-2023-5425 | HIGH | Post Meta Data Manager <=1.2.0 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation | EPSS 0.5%
CVE-2024-13556 | HIGH | Affiliate Links: WordPress Plugin for Link Cloaking and Link Management <= 3.0.1 - Missing Authorization to Unauthenticated Import/Export and PHP Object Injection | EPSS 0.5%
CVE-2026-5427 | MEDIUM | Kubio AI Page Builder <= 2.7.2 - Missing Authorization to Authenticated (Contributor+) Limited File Upload via Kubio Block Attributes | EPSS 0.5%
CVE-2022-41250 | MEDIUM | A missing permission check in Jenkins SCM HttpClient Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an a | EPSS 0.5%
CVE-2024-9578 | MEDIUM | Hide Links <= 1.4.2 - Unauthenticated Shortcode Execution | EPSS 0.5%
CVE-2022-4948 | MEDIUM | FlyingPress <= 3.9.6 - Missing Authorization | EPSS 0.5%
CVE-2024-10532 | MEDIUM | Bard Extra <= 1.2.7 - Missing Authorization to Authenticated (Subscriber+) Demo Import | EPSS 0.5%
CVE-2022-40316 | MEDIUM | The H5P activity attempts report did not filter by groups, which in separate groups mode could reveal information to non-editing teachers ab | EPSS 0.5%
CVE-2025-12825 | MEDIUM | User Registration Using Contact Form 7 <= 2.5 - Authenticated (Subscriber+) Information Exposure | EPSS 0.5%
CVE-2024-43118 | MEDIUM | WordPress Hummingbird plugin <= 3.9.1 - Broken Access Control vulnerability | EPSS 0.5%
CVE-2024-50422 | MEDIUM | WordPress Breeze plugin <= 2.1.14 - Broken Access Control vulnerability | EPSS 0.5%
CVE-2022-2696 | MEDIUM | Restaurant Menu – Food Ordering System – Table Reservation <= 2.3.0 - Missing Authorization on AJAX Actions | EPSS 0.5%