Fallos del tipo CWE-862
6804 resultadosCVE-2023-1375MEDIUMWP Fastest Cache <= 1.1.2 - Missing Authorization to Cache DeletionEPSS 0.5%CVE-2022-2696MEDIUMRestaurant Menu – Food Ordering System – Table Reservation <= 2.3.0 - Missing Authorization on AJAX ActionsEPSS 0.5%CVE-2024-3275MEDIUMeRoom – Zoom Meetings & Webinar <= 1.4.18 - Missing Authorization to Information ExposureEPSS 0.5%CVE-2023-0019MEDIUMIn SAP GRC (Process Control) - versions GRCFND_A V1200, GRCFND_A V8100, GRCPINW V1100_700, GRCPINW V1100_731, GRCPINW V1200_750, remote-enabEPSS 0.5%CVE-2024-0829MEDIUMComments Extra Fields For Post,Pages and CPT <= 5.0 - Missing AuthorizationEPSS 0.5%CVE-2023-4374MEDIUMWP Remote Users Sync <= 1.2.11 - Missing Authorization to Authenticated (Subscriber+) Log ViewEPSS 0.5%CVE-2024-0791MEDIUMWOLF – WordPress Posts Bulk Editor and Manager Professional <= 1.0.8.1 - Missing AuthorizationEPSS 0.5%CVE-2026-5944MEDIUMCisco Intersight Device Connector for Nutanix Prism Central Unauthenticated API AccessEPSS 0.5%CVE-2024-0835MEDIUMRoyal Elementor Kit <= 1.0.116 - Missing Authorization to Arbitrary Transient UpdateEPSS 0.5%CVE-2024-1843MEDIUMAuto Affiliate Links <= 6.4.3 - Missing Authorization via aalAddLinkEPSS 0.5%CVE-2023-1299HIGHNomad Job Submitter Privilege Escalation Using Workload IdentityEPSS 0.5%CVE-2025-5288CRITICALREST API | Custom API Generator For Cross Platform And Import Export In WP 1.0.0 - 2.0.3 - Missing Authorization to Unauthenticated Privilege Escalation via process_handler FunctionEPSS 0.5%CVE-2024-37119MEDIUMWordPress Uncanny Automator Pro plugin < 5.3.0.1 - Unauthenticated License Settings Reset vulnerabilityEPSS 0.5%CVE-2024-8195MEDIUMPermalink Manager Lite <= 2.4.4 - Missing Authorization to Unauthenticated Sensitive Information ExposureEPSS 0.5%CVE-2024-37444MEDIUMWordPress Defender plugin <= 4.7.1 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-2043MEDIUMEleForms – All In One Form Integration including DB for Elementor <= 2.9.9.7 - Missing Authorization to Sensitive Information ExposureEPSS 0.5%CVE-2024-32677MEDIUMWordPress LoginPress Pro plugin < 3.0.0 - Unauth. License Activation/Deactivation vulnerabilityEPSS 0.5%CVE-2025-1682HIGHCardealer <= 1.6.4 - Arbitrary Theme Option Update to Authenticated (Subscriber+) Privilege EscalationEPSS 0.5%CVE-2022-45394MEDIUMA missing permission check in Jenkins Delete log Plugin 1.0 and earlier allows attackers with Item/Read permission to delete build logs.EPSS 0.5%CVE-2023-35051MEDIUMWordPress Contact Forms by Cimatti plugin <= 1.5.7 - Broken Access Control vulnerabilityEPSS 0.5%