Fallos del tipo CWE-862
6961 resultadosCVE-2023-47778MEDIUMWordPress LuckyWP Scripts Control plugin <= 1.2.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62884MEDIUMWordPress Coupon Affiliates plugin <= 7.2.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66525MEDIUMWordPress Elastic Email Sender plugin <= 1.2.20 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66527MEDIUMWordPress Lobo theme <= 2.8.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-7078MEDIUM07FLYCMS/07FLY-CMS/07FlyCRM cross-site request forgeryEPSS 0.2%CVE-2025-4522MEDIUMIDonate 2.0.0 - 2.1.9 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary User Deletion via admin_post_donor_delete FunctionEPSS 0.2%CVE-2026-57327MEDIUMWordPress MainWP plugin <= 6.1.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-58986MEDIUMWordPress Jock On Air Now (JOAN) plugin <= 6.0.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-49986MEDIUMWordPress Video List Manager plugin <= 1.7 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-31386MEDIUMWordPress Simple:Press plugin <= 6.11.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-24941HIGHWordPress WP Job Portal plugin <= 2.4.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-14397HIGHPostem Ipsum <= 3.0.1 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation in postem_ipsum_generate_usersEPSS 0.2%CVE-2025-7756MEDIUMcode-projects E-Commerce Site cross-site request forgeryEPSS 0.2%CVE-2026-44555HIGHOpen WebUI: Base Model Routing Bypasses Access Control via Model ChainingEPSS 0.2%CVE-2025-12783MEDIUMPremmerce Brands for WooCommerce <= 1.2.13 - Missing Authorization To Authenticated (Subscriber+) Brand Permalink Settings UpdateEPSS 0.2%CVE-2025-12721MEDIUMg-FFL Cockpit <= 1.7.1 - Missing Authorization to Unauthenticated Information ExposureEPSS 0.2%CVE-2026-8077HIGHWeak credentials vulnerability in the CashDro 3 web administration panelEPSS 0.2%CVE-2026-3582MEDIUMIncorrect Authorization in GitHub Enterprise Server allows access to issue and commit search results without repo scopeEPSS 0.2%CVE-2026-4331MEDIUMBlog2Social: Social Media Auto Post & Scheduler <= 8.8.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Meta Deletion via 'b2s_reset_social_meta_tags' AJAX ActionEPSS 0.2%CVE-2025-53291MEDIUMWordPress Spreadconnect plugin <= 2.1.5 - Broken Access Control VulnerabilityEPSS 0.2%