Fallos del tipo CWE-862
7072 resultadosCVE-2026-43638MEDIUMBitwarden Server < 2026.4.1 Missing Authorization via Organization Cipher ImportEPSS 0.2%CVE-2026-42640MEDIUMWordPress Classified Listing plugin <= 5.3.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-42914LOWMissing Authorization check in SAP HCM (My Timesheet Fiori 2.0 application)EPSS 0.2%CVE-2025-7828MEDIUMWP Filter & Combine RSS Feeds <= 0.4 - Missing Authorization to Authenticated (Contributor+) Feed DeletionEPSS 0.2%CVE-2026-24366MEDIUMWordPress YITH WooCommerce Request A Quote plugin <= 2.46.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-24625MEDIUMWordPress File Uploads Addon for WooCommerce plugin <= 1.7.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25012MEDIUMWordPress WP Bannerize Pro plugin <= 1.11.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-49857MEDIUMWordPress myCred plugin <= 2.9.4.2 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-62129MEDIUMWordPress RestroPress plugin <= 3.2.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66534MEDIUMWordPress The Aisle theme <= 2.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-58976MEDIUMWordPress Accessibility Checker by Equalize Digital Plugin <= 1.31.0 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2024-40709HIGHA missing authorization vulnerability allows a local low-privileged user on the machine to escalate their privileges to root level.EPSS 0.2%CVE-2025-43318MEDIUMThis issue was addressed with additional entitlement checks. This issue is fixed in macOS Tahoe 26. An app with root privileges may be able EPSS 0.2%CVE-2025-49880MEDIUMWordPress CubeWP Forms plugin <= 1.1.5 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-66113MEDIUMWordPress Better Chat Support for Messenger plugin <= 1.2.18 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-63006MEDIUMWordPress EventPrime plugin <= 4.2.4.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-41298MEDIUMOpenClaw < 2026.4.2 - Authorization Bypass in Session Termination EndpointEPSS 0.2%CVE-2026-49053MEDIUMWordPress ElementsKit Elementor addons Lite plugin <= 3.9.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66086MEDIUMWordPress SMS Alert Order Notifications plugin <= 3.8.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68861HIGHWordPress Plugin Optimizer plugin <= 1.3.7 - Broken Access Control vulnerabilityEPSS 0.2%