Fallos del tipo CWE-862
7074 resultadosCVE-2026-24994MEDIUMWordPress Sunshine Photo Cart plugin <= 3.5.7.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-40742MEDIUMWordPress Nelio AB Testing plugin <= 8.2.8 - Sensitive Data Exposure vulnerabilityEPSS 0.2%CVE-2026-9486MEDIUMSourceCodester Student Grades Management System cross-site request forgeryEPSS 0.2%CVE-2025-49880MEDIUMWordPress CubeWP Forms plugin <= 1.1.5 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-66113MEDIUMWordPress Better Chat Support for Messenger plugin <= 1.2.18 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-24625MEDIUMWordPress File Uploads Addon for WooCommerce plugin <= 1.7.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68861HIGHWordPress Plugin Optimizer plugin <= 1.3.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-0836MEDIUMXProtect MIP API Missing AuthorizationEPSS 0.2%CVE-2026-1927MEDIUMGreenShift - Animation and Page Builder Blocks <= 12.6 - Missing Authorization to Authenticated (Subscriber+) Information Disclosure of AI API Keys and Stored Cross-Site Scripting via custom_cssEPSS 0.2%CVE-2026-1667HIGHSEO Plugin by Squirrly SEO <= 14.0.0 - Unauthenticated Arbitrary Post Creation and Stored Cross-Site Scripting via savePost()EPSS 0.2%CVE-2026-54322HIGHDaytona: Cross-org IDOR in organization role update/delete — any org owner can rewrite or destroy another org's rolesEPSS 0.2%CVE-2025-48009LOWSingle Content Sync - Moderately critical - Access bypass - SA-CONTRIB-2025-060EPSS 0.2%CVE-2026-39967LOWTypeBot: Cross-Typebot Result Data Access via Missing typebotId FilterEPSS 0.2%CVE-2026-25402MEDIUMWordPress Knowledge Base for Documentation, FAQs with AI Assistance plugin <= 16.011.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-22466MEDIUMWordPress WP MapIt plugin <= 3.0.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-28080MEDIUMWordPress Rank Math SEO PRO plugin <= 3.0.95 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-69013MEDIUMWordPress Stratum plugin <= 1.6.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25393MEDIUMWordPress Hello FSE theme <= 1.0.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25394MEDIUMWordPress Fitness FSE theme <= 1.0.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25416MEDIUMWordPress News Kit Elementor Addons plugin <= 1.4.2 - Broken Access Control vulnerabilityEPSS 0.2%