Fallos del tipo CWE-862
6946 resultadosCVE-2025-32208MEDIUMWordPress Hive Support plugin <= 1.2.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-6441MEDIUMCanto <= 3.1.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Setting ModificationEPSS 0.3%CVE-2025-68058HIGHWordPress Institutions Directory plugin <= 1.3..4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-31214MEDIUMWordPress WP Quick Post Duplicator plugin <= 2.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-47563MEDIUMWordPress CURCY plugin <= 2.3.7 - Arbitrary Shortcode Execution vulnerabilityEPSS 0.3%CVE-2025-14895MEDIUMPopupKit <= 2.2.0 - Missing Authorization to Sensitive Information Disclosure and Data DeletionEPSS 0.3%CVE-2026-23632MEDIUMGogs user can update repository content with read-only permissionEPSS 0.3%CVE-2026-1000MEDIUMMailerLite - WooCommerce integration <= 3.1.3 - Missing Authorization to Data DeletionEPSS 0.3%CVE-2024-34691MEDIUMMissing Authorization check in SAP S/4HANA (Manage Incoming Payment Files)EPSS 0.3%CVE-2026-25441MEDIUMWordPress LeadConnector plugin <= 3.0.21 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2019-25351HIGHCentova Cast 3.2.11 - Arbitrary File DownloadEPSS 0.3%CVE-2026-39658MEDIUMWordPress Panda Pods Repeater Field plugin <= 1.5.12 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-49687MEDIUMWordPress Smart Manager plugin <= 8.45.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-49961MEDIUMWordPress Breeze Checkout plugin <= 1.4.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-0692HIGHBlueSnap Payment Gateway for WooCommerce <= 3.4.0 - Missing Authorization to Unauthenticated Arbitrary Order Status ManipulationEPSS 0.3%CVE-2025-1668MEDIUMSchool Management System – WPSchoolPress <= 2.2.16 - Missing Authorization to Arbitrary User DeletionEPSS 0.3%CVE-2024-56272MEDIUMWordPress Hide Category by User Role for WooCommerce plugin <= 2.1.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-54019MEDIUMOpen WebUI: RAG ACL Bypass in Milvus Multitenancy ModeEPSS 0.3%CVE-2025-2290MEDIUMLifterLMS <= 8.0.1 - Missing Authorization to Unauthenticated Post TrashingEPSS 0.3%CVE-2026-1655MEDIUMEventPrime <= 4.2.8.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Event Modification via 'event_id' ParameterEPSS 0.3%