Fallos del tipo CWE-862
7035 resultadosCVE-2025-5885MEDIUMKonica Minolta bizhub cross-site request forgeryEPSS 0.2%CVE-2025-31611MEDIUMWordPress Auto Post After Image Upload plugin <= 1.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-2900LOWMissing Authorization in GitLabEPSS 0.2%CVE-2026-44754MEDIUMMissing caller identification check-in for ODP Data Replication APIsEPSS 0.2%CVE-2025-13472MEDIUMMissing authorization in BlazeMeter Jenkins PluginEPSS 0.2%CVE-2026-45001MEDIUMOpenClaw < 2026.4.20 - Gateway Config Mutation Guard Bypass via Agent Tool AccessEPSS 0.2%CVE-2026-43579MEDIUMOpenClaw < 2026.4.10 - Insufficient Access Control in Nostr Profile Mutation RoutesEPSS 0.2%CVE-2026-39664MEDIUMWordPress Leadrebel plugin <= 1.0.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39688MEDIUMWordPress WP Frontend Profile plugin <= 1.3.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32390MEDIUMWordPress Nanosoft theme < 1.3.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-65020MEDIUMRallly Has Unauthorized Poll Duplication via Insecure Direct Object Reference (IDOR)EPSS 0.2%CVE-2026-32385MEDIUMWordPress RegistrationMagic plugin <= 6.0.7.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-48337MEDIUMWordPress QuickCab plugin <= 1.3.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-0092CRITICALIn Package Manager, there is a possible device lock controller bypass due to a missing permission check. This could lead to local escalationEPSS 0.2%CVE-2025-54710HIGHWordPress Tiktok Feed Plugin <= 1.0.21 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-41477HIGHDeskflow: Local privilege escalation via unauthenticated IPCEPSS 0.2%CVE-2026-24387MEDIUMWordPress WP Quick Post Duplicator plugin <= 2.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62932MEDIUMWordPress Table Block by RioVizual plugin <= 3.0.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-12175MEDIUMThe Events Calendar <= 6.15.9 - Missing Authorization to Authenticated (Subscriber+) Draft Event Title/QR Code ExposureEPSS 0.2%CVE-2025-6476MEDIUMSourceCodester Gym Management System cross-site request forgeryEPSS 0.2%