Fallos del tipo CWE-862
7039 resultadosCVE-2025-1326MEDIUMHomey - Booking and Rentals WordPress Theme <= 2.4.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Reservation & Post DeletionEPSS 0.2%CVE-2026-59709MEDIUMGhostfolio - Unauthorized Portfolio Holding Tag Modification via Missing Permission CheckEPSS 0.2%CVE-2026-55476MEDIUMSnipe-IT: Unauthorized Asset Request Cancellation via Unguarded cancel_by_admin ParameterEPSS 0.2%CVE-2026-27055MEDIUMWordPress Penci AI SmartContent Creator plugin <= 2.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-12170MEDIUMCheckbox <= 2.8.10 - Missing Authorization to Unauthenticated Log ClearingEPSS 0.2%CVE-2025-62964MEDIUMWordPress MDTF plugin <= 1.3.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-3226MEDIUMLearnPress <= 4.3.2.8 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Email Notification TriggeringEPSS 0.2%CVE-2025-8505MEDIUM495300897 wx-shop cross-site request forgeryEPSS 0.2%CVE-2026-48973MEDIUMWordPress SVG Support plugin <= 2.5.14 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-27327MEDIUMWordPress YayMail – WooCommerce Email Customizer plugin <= 4.3.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68508MEDIUMWordPress Brave plugin <= 0.8.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-11852MEDIUMDebusine is an integrated solution to build, distribute and maintain a Debian-based distribution. Files managed by debusine are organized inEPSS 0.2%CVE-2026-24946MEDIUMWordPress Print Invoice & Delivery Notes for WooCommerce plugin <= 5.8.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32396MEDIUMWordPress Team plugin <= 5.0.13 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-45549HIGHRoxy-WI: Authorization bypass on POST /smon/agent/action/<action> — guest can stop or restart smon-agent on any hostEPSS 0.2%CVE-2026-35630HIGHOpenClaw < 2026.5.18 - QQBot Missing Approver Identity Enforcement in Native Approval ButtonsEPSS 0.2%CVE-2026-40581HIGHChurchCRM: Cross-Site Request Forgery (CSRF) in SelectDelete.php Leading to Permanent Data DeletionEPSS 0.2%CVE-2025-62980MEDIUMWordPress Persian Admnin Fonts plugin <= 4.1.03 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-49874MEDIUMWordPress Arconix FAQ plugin <= 1.9.6 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-32413MEDIUMWordPress Permalink Manager Lite plugin < 2.5.3 - Broken Access Control vulnerabilityEPSS 0.2%