Fallos del tipo CWE-862
6963 resultadosCVE-2025-15369MEDIUMXpro Addons — 140+ Widgets for Elementor <= 1.5.0 - Missing Authorization to Unauthenticated Xpro Template CreationEPSS 0.2%CVE-2025-58650MEDIUMWordPress All In One SEO Pack Plugin <= 4.8.7.1 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-60097MEDIUMWordPress TheGem Theme <= 5.10.5 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-57429MEDIUMWordPress Slim SEO plugin <= 4.6.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-7249MEDIUMLocation Weather <= 3.0.2 - Missing Authorization to Authenticated (Contributor+) Block Settings Modification and Cache PurgingEPSS 0.2%CVE-2026-14373HIGHNomad Docker driver Linux host namespace bypassEPSS 0.2%CVE-2026-22350MEDIUMWordPress PDF for Elementor Forms + Drag And Drop Template Builder plugin <= 6.3.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-53291MEDIUMWordPress Spreadconnect plugin <= 2.1.5 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-58667MEDIUMWordPress ListingPro Reviews plugin < 2.9.11 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-41128MEDIUMCraft CMS has a Missing Authorization Check on User Group Removal via save-permissions ActionEPSS 0.2%CVE-2025-14397HIGHPostem Ipsum <= 3.0.1 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation in postem_ipsum_generate_usersEPSS 0.2%CVE-2024-10860MEDIUMNextMove Lite – Thank You Page for WooCommerce <= 2.19.0 - Missing Authorization to Authenticated (Subscriber+) Deactivation Reason SubmissionEPSS 0.2%CVE-2026-57521MEDIUMBitwarden Server < 2026.5.0 Broken Access Control via PreviewInvoiceControllerEPSS 0.2%CVE-2025-1780MEDIUMBuddyPress WooCommerce My Account Integration. Create WooCommerce Member Pages <= 3.4.25 - Cross-Site Request Forgery to Limited Settings UpdateEPSS 0.2%CVE-2025-68534MEDIUMWordPress PDF for WPForms plugin <= 6.3.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-60103MEDIUMWordPress ListingPro plugin <= 2.9.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-60096MEDIUMWordPress TheGem (Elementor) Theme <= 5.10.5 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-25368MEDIUMWordPress Calculated Fields Form plugin <= 5.4.4.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68837MEDIUMWordPress ELEX WordPress HelpDesk & Customer Ticketing System plugin <= 3.3.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-8077HIGHWeak credentials vulnerability in the CashDro 3 web administration panelEPSS 0.2%