Fallos del tipo CWE-862
7039 resultadosCVE-2026-9184MEDIUM24liveblog <= 2.2 - Missing Authorization to Authenticated (Author+) Settings Modification via update_lb24_token AJAX actionEPSS 0.2%CVE-2026-27792MEDIUMSeerr missing authentication on pushSubscription endpointsEPSS 0.2%CVE-2025-13828CRITICALMautic user without privileged access to the Marketplace can install and uninstall composer packagesEPSS 0.2%CVE-2025-63038MEDIUMWordPress WP Custom Admin Interface plugin <= 7.40 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-50573MEDIUMIn JetBrains Hub before 2024.3.47707 improper access control allowed users to generate permanent tokens for unauthorized servicesEPSS 0.2%CVE-2025-62881MEDIUMWordPress WP-Lister Lite for eBay plugin <= 3.8.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-27686MEDIUMMissing Authorization check in SAP Business Warehouse (Service API)EPSS 0.2%CVE-2025-30990MEDIUMWordPress ThemeHunk plugin <= 1.2.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-48335MEDIUMWordPress Responsive Plus plugin <= 3.2.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62882MEDIUMWordPress Seriously Simple Podcasting plugin <= 3.13.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2023-45244HIGHSensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect CEPSS 0.2%CVE-2025-12180MEDIUMQi Blocks <= 1.4.3 - Missing Authorization to Authenticated (Contributor+) Plugin Settings UpdateEPSS 0.2%CVE-2026-39588MEDIUMWordPress NM Gift Registry and Wishlist Lite plugin <= 5.13 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-22445MEDIUMWordPress Apimo Connector plugin <= 2.6.5.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39509MEDIUMWordPress Directorist plugin <= 8.5.10 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-48127MEDIUMWordPress Push notification for Mobile and Web app plugin <= 2.0.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32382MEDIUMWordPress Digital Download theme <= 1.1.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32376MEDIUMWordPress Kalon theme <= 1.2.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39663MEDIUMWordPress TrueBooker plugin <= 1.1.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32347MEDIUMWordPress Restaurant and Cafe theme <= 1.2.5 - Broken Access Control vulnerabilityEPSS 0.2%