Fallos del tipo CWE-862
6946 resultadosCVE-2025-68594MEDIUMWordPress Poll, Survey & Quiz Maker Plugin by Opinion Stage plugin <= 19.12.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-31540MEDIUMWordPress ACME Divi Modules plugin <= 1.3.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-26928MEDIUMWordPress Order Limit for WooCommerce plugin <= 3.0.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-31266HIGHCraft CMS 5.9.5 and earlier contains a Missing Authorization vulnerability in the migrate endpoint (/actions/app/migrate).EPSS 0.3%CVE-2026-1981MEDIUMWinston AI <= 0.0.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings DeletionEPSS 0.3%CVE-2025-67969MEDIUMWordPress UPI QR Code Payment Gateway for WooCommerce plugin <= 1.5.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-13493HIGHLatest Registered Users <= 1.4 - Missing Authorization to Unauthenticated Sensitive Information Exposure via User Data ExportEPSS 0.3%CVE-2025-52738MEDIUMWordPress Wikipedia Preview plugin <= 1.15.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-1483MEDIUMLTL Freight Quotes – GlobalTranz Edition <= 2.3.12 - Missing Authorization to Unauthenticated Settings UpdateEPSS 0.3%CVE-2024-12610MEDIUMSchool Management System for Wordpress <= 93.0.0 - Missing Authorization to Unauthenticated Arbitrary Post DeletionEPSS 0.3%CVE-2025-3037MEDIUMyzk2356911358 StudentServlet-JSP cross-site request forgeryEPSS 0.3%CVE-2025-47563MEDIUMWordPress CURCY plugin <= 2.3.7 - Arbitrary Shortcode Execution vulnerabilityEPSS 0.3%CVE-2026-1000MEDIUMMailerLite - WooCommerce integration <= 3.1.3 - Missing Authorization to Data DeletionEPSS 0.3%CVE-2025-32208MEDIUMWordPress Hive Support plugin <= 1.2.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-68058HIGHWordPress Institutions Directory plugin <= 1.3..4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-66071MEDIUMWordPress Custom Order Numbers for WooCommerce plugin <= 1.11.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-63008MEDIUMWordPress WP ERP plugin <= 1.16.7 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-6441MEDIUMCanto <= 3.1.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Setting ModificationEPSS 0.3%CVE-2025-69220HIGHLibreChat has Insufficient Access Control for Agent FilesEPSS 0.3%CVE-2019-25351HIGHCentova Cast 3.2.11 - Arbitrary File DownloadEPSS 0.3%