Fallos del tipo CWE-862
6897 resultadosCVE-2026-1942MEDIUMBlog2Social: Social Media Auto Post & Scheduler <= 8.7.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post ModificationEPSS 0.3%CVE-2024-31246MEDIUMWordPress PostX plugin <= 3.2.3 - Author+ Post/Page Duplication vulnerabilityEPSS 0.3%CVE-2026-5200HIGHAcyMailing <= 10.8.2 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation via 'acymailing_router'EPSS 0.3%CVE-2024-37929MEDIUMWordPress User Activity Log Pro plugin <= 2.3.4 - Subscriber+ Multiple Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-21743MEDIUMA missing authorization vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, FortiAuthentiEPSS 0.3%CVE-2025-23958MEDIUMWordPress Editor Wysiwyg Background Color plugin <= 1.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-50454MEDIUMWordPress SEOPress plugin <= 8.1.1 - Unauthenticated Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-24581MEDIUMWordPress Instantio plugin <= 3.3.7 - Settings Change vulnerabilityEPSS 0.3%CVE-2024-22296MEDIUMWordPress 12 Step Meeting List plugin <= 3.14.28 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-31245MEDIUMThe mem0 1.0.0 server lacks authentication and authorization controls for its memory creation API endpoint (POST /memories). The endpoint alEPSS 0.3%CVE-2025-12924MEDIUMrymcu forest BankController.java GlobalResult authorizationEPSS 0.3%CVE-2024-32704HIGHWordPress ARForms plugin <= 6.4 - Subscriber+ Arbitrary WordPress Options Removal vulnerabilityEPSS 0.3%CVE-2025-39536HIGHWordPress JobHunt Job Alerts <= 3.6 - Arbitrary Content Deletion VulnerabilityEPSS 0.3%CVE-2024-1689MEDIUMWooCommerce Tools <= 1.2.9 - Missing Authorization to Authenticated (Subscriber+) Plugin Module DeactivationEPSS 0.3%CVE-2025-26733HIGHWordPress Traveler theme < 3.2.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-30881MEDIUMWordPress Big Store theme <= 2.0.8 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-1539MEDIUMMissing Authorization in GitLabEPSS 0.3%CVE-2025-11877HIGHUser Activity Log <= 2.2 - Unauthenticated Limited Options Update via Failed LoginEPSS 0.3%CVE-2026-31800HIGHParse Server: Classes `_GraphQLConfig` and `_Audience` master key bypass via generic class routesEPSS 0.3%CVE-2025-2103HIGHSoundRise Music <= 1.7 - Authenticated (Subscriber+) Arbitrary Options UpdateEPSS 0.3%