Fallos del tipo CWE-862
6810 resultadosCVE-2025-24588MEDIUMWordPress Patreon WordPress plugin <= 1.9.1 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-10274MEDIUMImproper Authorization in lunary-ai/lunaryEPSS 0.5%CVE-2024-28159MEDIUMA missing permission check in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier allows attackers with Item/Read permissionEPSS 0.5%CVE-2024-11725HIGHSMS Alert Order Notifications – WooCommerce <= 3.7.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options UpdateEPSS 0.5%CVE-2025-21498MEDIUMVulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Core). The supported version that is affected is 1EPSS 0.5%CVE-2022-41692MEDIUMWordPress Appointment Hour Booking plugin <= 1.3.71 - Missing Authorization vulnerabilityEPSS 0.5%CVE-2022-47429MEDIUMWordPress Coming Soon Landing Page and Maintenance Mode WordPress Plugin plugin <= 2.2.0 - Broken Access ControlEPSS 0.5%CVE-2024-33576MEDIUMWordPress WPPizza plugin <= 3.18.10 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2022-43482MEDIUMWordPress Appointment Booking Calendar plugin <= 1.3.69 - Missing Authorization vulnerabilityEPSS 0.5%CVE-2023-51355HIGHWordPress MultiVendorX plugin <= 4.0.23 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2026-30956CRITICALOneUptime has authorization bypass via client‑controlled is-multi-tenant-query headerEPSS 0.5%CVE-2023-32519MEDIUMWordPress WCP Contact Form plugin <= 3.1.0 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-48286HIGHWordPress Accept Stripe Payments plugin <= 2.0.79 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-31366HIGHWordPress Post Type Builder (PTB) plugin <= 2.0.8 - Auth. Arbitrary Post/Page Creation vulnerabilityEPSS 0.5%CVE-2022-42903LOWZoho ManageEngine SupportCenter Plus through 11024 allows low-privileged users to view the organization users list.EPSS 0.5%CVE-2024-26138MEDIUMLicense information is public, exposing instance id and license holder detailsEPSS 0.5%CVE-2026-4807MEDIUMAppointment Booking Calendar <= 1.6.10.6 - Unauthenticated Arbitrary Appointment View, Modification and DeletionEPSS 0.5%CVE-2023-36607—CVE-2023-36607EPSS 0.5%CVE-2024-3546MEDIUMWordPress Backup & Migration <= 1.4.8 - Missing Authorization to Directory TraversalEPSS 0.5%CVE-2023-30873MEDIUMWordPress WP Docs plugin <= 1.9.8 - Broken Access ControlEPSS 0.5%