Fallos del tipo CWE-862
7019 resultadosCVE-2025-48444MEDIUMQuick Node Block - Moderately critical - Access bypass - SA-CONTRIB-2025-064EPSS 0.2%CVE-2025-48013MEDIUMQuick Node Block - Moderately critical - Access bypass - SA-CONTRIB-2025-065EPSS 0.2%CVE-2025-14367MEDIUMEasy Theme Options <= 1.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings ImportEPSS 0.2%CVE-2025-65028MEDIUMRallly Has an IDOR Vulnerability in Vote Update Endpoint Allows Unauthorized Manipulation of Participant VotesEPSS 0.2%CVE-2026-32122MEDIUMOpenEMR: Missing Authorization on Claim File Tracker UI and AJAX Endpoint (V2)EPSS 0.2%CVE-2025-62883MEDIUMWordPress Premmerce User Roles plugin <= 1.0.13 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-24603MEDIUMWordPress Print Labels with Barcodes. Create price tags, product labels, order labels for WooCommerce plugin <= 3.4.10 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-3831MEDIUMDatabase for Contact Form 7, WPforms, Elementor forms <= 1.4.9 - Missing Authorization to Authenticated (Contributor+) Sensitive Information Exposure via ShortcodeEPSS 0.2%CVE-2025-13741MEDIUMSchedule Post Changes With PublishPress Future: Unpublish, Delete, Change Status, Trash, Change Categories <= 4.9.2 - Missing Authorization to Authenticated (Contributor+) Authors' Emails ExposureEPSS 0.2%CVE-2023-5600LOWMissing Authorization in GitLabEPSS 0.2%CVE-2025-22722MEDIUMWordPress Widget Options plugin <= 4.0.8 - Broken Access Control to Notice Dimissal vulnerabilityEPSS 0.2%CVE-2025-13119MEDIUMFabian Ros/SourceCodester Simple E-Banking System cross-site request forgeryEPSS 0.2%CVE-2026-42377HIGHWordPress SureForms Pro plugin <= 2.8.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-0676MEDIUMWordPress Zorka theme <= 1.5.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-3117MEDIUMInstance and webhook GitLab plugin commands were able to be run by non-admin usersEPSS 0.2%CVE-2026-23543MEDIUMWordPress Essential Addons for Elementor plugin <= 6.5.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-12113MEDIUMAppointment Booking Calendar <= 1.4.02 - Missing Authorization to Authenticated (Contributor+) Sensitive Information DisclosureEPSS 0.2%CVE-2026-24967MEDIUMWordPress Amelia plugin <= 1.2.38 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-40667HIGHMissing authorization vulnerability in TCMAN GIM v11EPSS 0.2%CVE-2026-8617MEDIUMSearchPlus <= 1.7.1 - Missing Authorization to Unauthenticated Settings Modification and Deletion via searchplus_save_token & searchplus_reset_token AJAX ActionsEPSS 0.2%