Fallos del tipo CWE-862

7039 resultados
CVE-2026-32376MEDIUMWordPress Kalon theme <= 1.2.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25000MEDIUMWordPress Wheel of Life plugin <= 1.2.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32341MEDIUMWordPress Benevolent theme <= 1.3.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32345MEDIUMWordPress Perfect Portfolio theme <= 1.2.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-46488HIGHWordPress Visual Builder plugin <= 1.2.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-22348MEDIUMWordPress Civic Cookie Control plugin <= 1.53 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-24568MEDIUMWordPress WP Travel plugin <= 11.1.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32346MEDIUMWordPress Travel Agency theme <= 1.5.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39610MEDIUMWordPress WpXmas-Snow plugin <= 1.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39622MEDIUMWordPress Education Base theme <= 3.0.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39602MEDIUMWordPress Order Tracking plugin <= 3.4.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39691MEDIUMWordPress Cryptocurrency Donation Box – Bitcoin & Crypto Donations plugin <= 2.2.13 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68591MEDIUMWordPress Simple File List plugin <= 6.1.18 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39643MEDIUMWordPress Payment Plugins for PayPal WooCommerce plugin <= 2.0.13 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25386MEDIUMWordPress Ally plugin <= 4.0.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39649MEDIUMWordPress Royale News theme <= 2.2.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39606MEDIUMWordPress BizReview plugin <= 1.5.13 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68593MEDIUMWordPress WP Adminify plugin <= 4.0.6.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-3552MEDIUMSurfLink < 2.6.0 - Missing Authorization to Authenticated (Subscriber+) 410 Gone URL Import via 'surfl_import_410' AJAX ActionEPSS 0.2%CVE-2025-64254LOWWordPress Photo Block plugin <= 1.5.1 - Broken Access Control vulnerabilityEPSS 0.2%