Fallos del tipo CWE-862
6804 resultadosCVE-2023-23850MEDIUMA missing permission check in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allows attackers with Overall/Read permission to enumerate EPSS 0.5%CVE-2023-1844MEDIUMSubscribe2 <= 10.40 - Missing AuthorizationEPSS 0.5%CVE-2025-31773MEDIUMWordPress Ship Per Product plugin <= 2.1.0 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-43974MEDIUMWordPress ReviveNews theme <= 1.0.2 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-2764MEDIUMDraw Attention <= 2.0.11 - Missing Authorization to Arbitrary Post Featured Image ModificationEPSS 0.5%CVE-2023-6855MEDIUMPaid Memberships Pro <= 2.12.5 - Missing Authorization via APIEPSS 0.5%CVE-2024-10762HIGHMissing Authorization in lunary-ai/lunaryEPSS 0.5%CVE-2025-31822MEDIUMWordPress WordPress Simple HTML Sitemap plugin <= 3.4 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-32719MEDIUMWordPress WP Club Manager plugin <= 2.2.11 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-1158MEDIUMPost Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) <= 2.8.7 - Missing AuthorizationEPSS 0.5%CVE-2024-33686MEDIUMBroken Access Control vulnerability affecting multiple WordPress themes by Extend ThemesEPSS 0.5%CVE-2025-65669CRITICALAn issue was discovered in classroomio 0.1.13. Student accounts are able to delete courses from the Explore page without any authorization oEPSS 0.5%CVE-2023-25715MEDIUMWordPress GamiPress Plugin <= 2.5.6 is vulnerable to Broken Access ControlEPSS 0.5%CVE-2020-27777—A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot)EPSS 0.5%CVE-2024-43980MEDIUMWordPress FotaWP theme <= 1.4.1 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-4259MEDIUMSensetive Data Exposure in SAMPAS's AKOSEPSS 0.5%CVE-2026-22172CRITICALOpenClaw < 2026.3.12 - Scope Elevation in WebSocket Shared-Auth ConnectionsEPSS 0.5%CVE-2023-2066MEDIUMAnnouncement & Notification Banner – Bulletin <= 3.6.0 - Missing Authorization ChecksEPSS 0.5%CVE-2024-2962MEDIUMNetworker - Tech News WordPress Theme with Dark Mode <= 1.1.9 - Missing AuthorizationEPSS 0.5%CVE-2023-2788MEDIUMDeactivated user can retain access using oauth2 apiEPSS 0.5%