Fallos del tipo CWE-862
6946 resultadosCVE-2025-30855HIGHWordPress Ads by WPQuads plugin <= 2.0.87.1 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-1786MEDIUMTwitter posts to Blog <= 1.11.25 - Missing Authorization to Unauthenticated Plugin Settings UpdateEPSS 0.3%CVE-2025-43862HIGHDify Allows Unauthorized Access and Modification of APP OrchestrationEPSS 0.3%CVE-2024-31307MEDIUMWordPress Easy Social Share Buttons plugin <= 9.4 - Multiple Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-49910HIGHWordPress WPGuppy plugin <= 1.1.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-26969HIGHWordPress PrivateContent plugin <= 8.11.5 - Subscriber+ Site Wide Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-24600MEDIUMWordPress RSVPMaker plugin <= 11.4.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-31544MEDIUMWordPress Swiss Toolkit For WP plugin <= 1.4.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-68565MEDIUMWordPress Twitch Player plugin <= 2.1.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-30851MEDIUMWordPress Tickera plugin <= 3.5.5.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-7491MEDIUMHUSKY – Products Filter Professional for WooCommerce <= 1.3.6.1 - Insecure Direct Object Reference to UnsubscribeEPSS 0.3%CVE-2025-30639HIGHWordPress IDonatePro Plugin <= 2.1.9 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-12849MEDIUMContest Gallery <= 28.0.2 - Missing AuthorizationEPSS 0.3%CVE-2025-31865MEDIUMWordPress CartBoss plugin <= 4.1.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-7050MEDIUMForms Rb <= 1.1.9 - Missing Authorization to Authenticated (Contributor+) Arbitrary Modification via 'form_id' ParameterEPSS 0.3%CVE-2026-0718MEDIUMPost Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX <= 5.0.5 - Missing Authorization to Limited Post Meta ModificationEPSS 0.3%CVE-2026-12472MEDIUMKirki <= 6.0.11 - Missing Authorization to Unauthenticated Arbitrary Email Content Injection (Mail Relay / Phishing) via 'emailBody' and 'emailSubject' ParametersEPSS 0.3%CVE-2026-27783MEDIUMGitea issue-template APIs bypass repository unit authorizationEPSS 0.3%CVE-2025-9331MEDIUMSpacious <= 1.9.11 - Missing Authorization to Autheticated (Subscriber+) Demo Data ImportEPSS 0.3%CVE-2025-26928MEDIUMWordPress Order Limit for WooCommerce plugin <= 3.0.2 - Broken Access Control vulnerabilityEPSS 0.3%