Fallos del tipo CWE-862
7017 resultadosCVE-2025-46470MEDIUMWordPress Smart Hashtags [#hashtagger] plugin <= 7.2.3 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-32295MEDIUMWordPress Salon Booking Wordpress plugin <= 10.10.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25443HIGHWordPress Fraud Prevention For Woocommerce plugin <= 2.3.3 - Arbitrary Content Deletion vulnerabilityEPSS 0.2%CVE-2025-49248MEDIUMWordPress Team Showcase plugin < 25.05.13 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-47471MEDIUMWordPress Envo Extra plugin <= 1.9.9 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-12877MEDIUMIDonate – Blood Donation, Request And Donor Management System <= 2.1.15 - Missing Authorization to Unauthenticated Arbitrary Post DeletionEPSS 0.2%CVE-2025-12392MEDIUMCryptocurrency Payment Gateway for WooCommerce <= 2.0.25 - Missing Authorization to Unauthenticated Tracking Status UpdateEPSS 0.2%CVE-2025-29010MEDIUMWordPress Behance Portfolio Manager plugin <= 1.7.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-49246MEDIUMWordPress Testimonials Showcase plugin <= 1.9.16 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-54695MEDIUMWordPress HT Mega Plugin plugin <= 2.9.0 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-47467MEDIUMWordPress GS Testimonial Slider plugin <= 3.3.0 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-28994MEDIUMWordPress Viral Loops WP Integration plugin <= 3.8.1 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-49272MEDIUMWordPress Trinity Audio plugin <= 5.20.0 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-49289MEDIUMWordPress PDF for WPForms plugin <= 5.5.0 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-12391MEDIUMRestrictions for BuddyPress <= 1.5.2 - Missing Authorization to Unauthenticated Tracking Status UpdateEPSS 0.2%CVE-2025-58785MEDIUMWordPress Ray Enterprise Translation plugin <= 1.7.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-54010HIGHOpen WebUI: Forged chat-file link allows cross-user file read and deletionEPSS 0.2%CVE-2025-14080MEDIUMFrontend Post Submission Manager Lite <= 1.2.5 - Missing Authorization to Unauthenticated Arbitrary Post ModificationEPSS 0.2%CVE-2025-13177MEDIUMBdtask/CodeCanyon SalesERP cross-site request forgeryEPSS 0.2%CVE-2026-49205MEDIUMphpMyFAQ: Missing userHasPermission() in 4 API write endpoints (CVE-2026-24421 Incomplete Fix)EPSS 0.2%