Fallos del tipo CWE-862
7075 resultadosCVE-2025-66114MEDIUMWordPress Show Variations as Single Products Woocommerce plugin <= 2.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-27678MEDIUMMissing Authorization check in SAP S/4HANA Backend OData Service (Manage Reference Structures)EPSS 0.2%CVE-2025-66089MEDIUMWordPress Product Feed for WooCommerce plugin <= 2.3.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66109MEDIUMWordPress Cart Weight for WooCommerce plugin <= 1.9.11 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-8144MEDIUMMissing Authorization in GitLabEPSS 0.2%CVE-2025-62751MEDIUMWordPress Vireo theme <= 1.0.24 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-64273MEDIUMWordPress Email marketing for WordPress by GetResponse Official plugin <= 1.5.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39715MEDIUMWordPress AnyTrack Affiliate Link Manager plugin <= 1.5.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-2395HIGHBulgarisation for WooCommerce <= 3.0.14 - Cross-Site Request ForgeryEPSS 0.2%CVE-2025-15634MEDIUMHCL BigFix WebUI is affected by a missing authorization vulnerabilityEPSS 0.2%CVE-2025-62116MEDIUMWordPress AI Copilot plugin <= 1.5.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-1869MEDIUMUser Registration & Membership <= 5.2.0 - Missing Authorization to Unauthenticated Payment BypassEPSS 0.2%CVE-2026-46365MEDIUMphpMyFAQ - Missing Authorization in Tag Deletion EndpointEPSS 0.2%CVE-2025-62965MEDIUMWordPress Admin Management Xtended plugin <= 2.5.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-34837MEDIUMZammad is miissing authorization in AI assistance controller for context data used in text toolsEPSS 0.2%CVE-2026-39705MEDIUMWordPress MIPL WC Multisite Sync plugin <= 1.4.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32487MEDIUMWordPress Lawyer Landing Page theme <= 1.2.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-9542MEDIUMAutomatorWP <= 5.3.7 - Authenticated (Subscriber+) Missing Authorization to Multiple FunctionsEPSS 0.2%CVE-2022-36836MEDIUMUnprotected provider vulnerability in Charm by Samsung prior to version 1.2.3 allows attackers to read connection state without permission.EPSS 0.2%CVE-2025-62073MEDIUMWordPress MeetingHub plugin <= 1.23.9 - Broken Access Control vulnerabilityEPSS 0.2%