Fallos del tipo CWE-862
6931 resultadosCVE-2025-64209HIGHWordPress Masterstudy theme < 4.8.122 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-64630MEDIUMWordPress Business Directory plugin <= 6.4.19 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-40870HIGHDecidim's comments API allows access to all commentable resourcesEPSS 0.3%CVE-2025-14360HIGHWordPress Blockons plugin <= 1.2.19 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-0939MEDIUMMagicForm - WordPress Form Builder <= 1.6.2 - Missing AuthorizationEPSS 0.3%CVE-2025-60077HIGHWordPress YayPricing plugin <= 3.5.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-63294MEDIUMWorkDo HRM SaaS HR and Payroll Tool 8.1 is affected vulnerable to Insecure Permissions. An authenticated user can create leave or resignatioEPSS 0.3%CVE-2025-60098MEDIUMWordPress Theme My Login Plugin <= 7.1.12 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-14358HIGHWordPress REHub Framework plugin <= 19.9.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-60045HIGHWordPress IDonatePro plugin <= 2.1.11 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-13794MEDIUMAuto Featured Image <= 4.2.1 - Missing Authorization to Authenticated (Contributor+) Post Thumbnail ModificationEPSS 0.3%CVE-2025-39559MEDIUMWordPress Bring Fraktguiden for WooCommerce plugin <= 1.11.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-49651HIGHMissing Authorization for Interactive SessionsEPSS 0.3%CVE-2026-46425CRITICALBudibase: SCIM endpoints lack role-based authorization, BASIC users CRUD tenant usersEPSS 0.3%CVE-2025-32213MEDIUMWordPress Flo Forms plugin <= 1.0.43 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-62086MEDIUMWordPress Яндекс Доставка (Boxberry) plugin <= 2.34 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-2298HIGHAuthenticated API Endpoint Allows Arbitrary File Deletion in Dremio SoftwareEPSS 0.3%CVE-2024-4139MEDIUMMissing Authorization Checks in SAP S/4 HANA (Manage Bank Statement Reprocessing Rules)EPSS 0.3%CVE-2025-28962MEDIUMWordPress Advanced Google Universal Analytics plugin <= 1.0.3 - Broken Access Control to Sensitive Data Exposure vulnerabilityEPSS 0.3%CVE-2025-9243HIGHCost Calculator Builder <= 3.5.32 - Authenticated (Subscriber+) Missing Authorization via get_cc_orders/update_order_status FunctionsEPSS 0.3%