Fallos del tipo CWE-862
7075 resultadosCVE-2025-62145MEDIUMWordPress DMCA Protection Badge plugin <= 2.2.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-40098MEDIUMOpenMage LTS imports cross-user wishlist item via shared wishlist code, leading to private option disclosure and file-disclosure variantEPSS 0.2%CVE-2026-39697MEDIUMWordPress MAIO – The new AI GEO / SEO tool plugin <= 6.2.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62138MEDIUMWordPress WP Advanced PDF plugin <= 1.1.7 - Other vulnerability Type vulnerabilityEPSS 0.2%CVE-2025-62087MEDIUMWordPress Sticky Notes for WP Dashboard plugin <= 1.2.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39699MEDIUMWordPress AI Workflow Automation plugin <= 1.4.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62961MEDIUMWordPress Sparkle FSE theme <= 1.0.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62960MEDIUMWordPress Construction Light theme <= 1.6.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-63031MEDIUMWordPress EasyTest plugin <= 1.0.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-69027MEDIUMWordPress Product Delivery Date for WooCommerce – Lite plugin <= 3.2.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-69028MEDIUMWordPress weForms plugin <= 1.6.25 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62755MEDIUMWordPress GS Portfolio for Envato plugin <= 1.4.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-23721MEDIUMOpenProject users with "View Members" permission in any project can view all Group membershipsEPSS 0.2%CVE-2026-27946HIGHZITADEL Users Can Self-Verify Email/Phone via UpdateHumanUser APIEPSS 0.2%CVE-2026-24619MEDIUMWordPress PopCash.Net Code Integration Tool plugin <= 1.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-62092MEDIUMWordPress Wiremo plugin <= 1.4.99 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-32386MEDIUMWordPress Envo Extra plugin <= 1.9.13 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-59005MEDIUMWordPress Categorify plugin <= 1.0.7.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-27111MEDIUMKargo has Missing Authorization Vulnerabilities in Approval & Promotion REST API EndpointsEPSS 0.2%CVE-2025-48731MEDIUMUnauthorized Subscription Edit to Confluence Space in Mattermost Confluence PluginEPSS 0.2%