Fallos del tipo CWE-862
7000 resultadosCVE-2025-26765MEDIUMWordPress Distance Based Shipping Calculator plugin <= 2.0.22 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-23954MEDIUMWordPress Salvador – AI Image Generator plugin <= 1.0.11 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-14047MEDIUMWP User Frontend <= 4.2.4 - Missing Authorization to Unauthenticated Arbitrary Attachment DeletionEPSS 0.2%CVE-2025-64148MEDIUMA missing permission check in Jenkins Publish to Bitbucket Plugin 0.4 and earlier allows attackers with Overall/Read permission to enumerateEPSS 0.2%CVE-2025-68024MEDIUMWordPress Addonify – WooCommerce Wishlist plugin <= 2.0.15 - Settings Change vulnerabilityEPSS 0.2%CVE-2025-23930MEDIUMWordPress PayPal Marketing Solutions plugin <= 1.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-23962MEDIUMWordPress Goldstar plugin <= 2.1.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66136MEDIUMWordPress Carter for Elementor plugin <= 1.0.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-5228HIGHImproper Access Control in Kurt Software Studio's WriteUp Mobile AppEPSS 0.2%CVE-2026-4128MEDIUMTP Restore Categories And Taxonomies <= 1.0.1 - Missing Authorization to Authenticated (Subscriber+) Taxonomy Deletion via 'tpmcattt_delete_term' AJAX ActionEPSS 0.2%CVE-2023-35998MEDIUMITM Server Missing Authorization in SOAP EndpointsEPSS 0.2%CVE-2026-1925MEDIUMEmailKit – Email Customizer for WooCommerce & WP <= 1.6.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Title ModificationEPSS 0.2%CVE-2026-9199MEDIUMEqualize Digital Accessibility Checker <= 1.42.1 - Missing Authorization to Authenticated (Author+) Arbitrary Accessibility Issue Modification via 'largeBatch' ParameterEPSS 0.2%CVE-2025-68542MEDIUMWordPress Checkout Gateway for IRIS plugin <= 1.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-40726HIGHWordPress User Registration Stripe plugin <= 1.3.14 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-58968MEDIUMWordPress MaxiBlocks Plugin <= 2.1.3 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-13441MEDIUMHide Category by User Role for WooCommerce <= 2.3.1 - Missing Authorization to Unauthenticated Cache FlushingEPSS 0.2%CVE-2026-50084CRITICALAqara API cross-account accessEPSS 0.2%CVE-2026-33918HIGHOpenEMR Missing Authorization on Claim File Download EndpointEPSS 0.2%CVE-2026-5025MEDIUMLangflow - Application Logs Exposed to All Authenticated UsersEPSS 0.2%