Fallos del tipo CWE-862
7047 resultadosCVE-2026-2233MEDIUMUser Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration <= 4.2.8 - Missing Authorization to Unauthenticated Arbitrary Post Modification via 'post_id' ParameterEPSS 0.2%CVE-2025-14371MEDIUMTaxoPress <= 3.41.0 - Missing Authorization to Authenticated (Contributor+) Arbitrary Post Tag ModificationEPSS 0.2%CVE-2025-66099MEDIUMWordPress Chat Help plugin <= 3.1.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-42051MEDIUMKirby: System API endpoint leaks license data and installed version to authenticated usersEPSS 0.2%CVE-2026-56384MEDIUMCraft CMS - Missing Authorization in assets/preview-thumb EndpointEPSS 0.2%CVE-2025-64246MEDIUMWordPress Accessibility by AudioEye plugin <= 1.0.49 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-64247MEDIUMWordPress Read More & Accordion plugin <= 3.5.5.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-54045MEDIUMWordPress CM On Demand Search And Replace plugin <= 1.5.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-54005MEDIUMWordPress SKT Page Builder plugin <= 4.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-64243MEDIUMWordPress Directory Pro plugin <= 2.5.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-64242MEDIUMWordPress Easy Property Listings plugin <= 3.5.22 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66526MEDIUMWordPress Tablesome plugin <= 1.1.34 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-48878MEDIUMCombodo iTop vulnerable to IDOR with ModuleInstallation objectEPSS 0.2%CVE-2025-62995MEDIUMWordPress MultiParcels Shipping For WooCommerce plugin <= 1.30.12 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-64245MEDIUMWordPress Import external attachments plugin <= 1.5.12 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62996MEDIUMWordPress Custom Layouts – Post + Product grids made easy plugin <= 1.4.12 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-24709MEDIUMWordPress Shareaholic plugin <= 9.7.11 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-59001MEDIUMWordPress Salient Core plugin <= 3.0.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-62186HIGHOpenClaw < 2026.6.8 Authorization Bypass via HTTP Model OverrideEPSS 0.2%CVE-2025-64238MEDIUMWordPress WPS Bidouille plugin <= 1.33.1 - Broken Access Control vulnerabilityEPSS 0.2%