Fallos del tipo CWE-862
7045 resultadosCVE-2026-1835MEDIUMlcg0124 BootDo cross-site request forgeryEPSS 0.2%CVE-2026-1751LOWMissing Authorization in GitLabEPSS 0.2%CVE-2025-69315MEDIUMWordPress Simply Schedule Appointments plugin <= 1.6.9.15 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-23545MEDIUMWordPress Aruba HiSpeed Cache plugin <= 3.0.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-67584MEDIUMWordPress GoDAM plugin <= 1.4.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-52701MEDIUMWordPress User Registration plugin <= 5.2.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-57375MEDIUMWordPress MStore API plugin <= 4.18.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-23522LOWLobe Chat has IDOR in Knowledge Base File Removal that Allows Cross User File DeletionEPSS 0.2%CVE-2025-12015MEDIUMConvert WebP & AVIF | Quicq | Best image optimizer and compression plugin | Improve your Google Pagespeed <= 2.0.0 - Missing Authorization to Authenticated (Subscriber+) Afosto DisconnectEPSS 0.2%CVE-2025-9029MEDIUMWDesignKit – Elementor & Gutenberg Starter Templates, Patterns, Cloud Workspace & Widget Builder <= 1.2.16 - Missing Authentication via wdkit_handle_review_submission FunctionEPSS 0.2%CVE-2026-4968MEDIUMSourceCodester Diary App diary.php cross-site request forgeryEPSS 0.2%CVE-2026-32407MEDIUMWordPress WPC Smart Wishlist for WooCommerce plugin <= 5.0.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-24310LOWMissing Authorization check in SAP NetWeaver Application Server for ABAPEPSS 0.2%CVE-2026-61952MEDIUMWordPress WooCommerce Bulk Edit Products – WP Sheet Editor plugin <= 1.8.21 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-42051MEDIUMKirby: System API endpoint leaks license data and installed version to authenticated usersEPSS 0.2%CVE-2025-11762MEDIUMHubSpot All-In-One Marketing - Forms, Popups, Live Chat <= 11.3.32 - Missing Authorization to Authenticated (Contributor+) Installed Plugin DisclosureEPSS 0.2%CVE-2025-66107MEDIUMWordPress Subscriptions & Memberships for PayPal plugin <= 1.1.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25028MEDIUMWordPress ElementInvader Addons for Elementor plugin <= 1.4.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-56384MEDIUMCraft CMS - Missing Authorization in assets/preview-thumb EndpointEPSS 0.2%CVE-2026-2233MEDIUMUser Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration <= 4.2.8 - Missing Authorization to Unauthenticated Arbitrary Post Modification via 'post_id' ParameterEPSS 0.2%