Fallos del tipo CWE-862
6908 resultadosCVE-2025-67540MEDIUMWordPress Animation Addons for Elementor plugin <= 2.4.5 - Arbitrary Content Deletion vulnerabilityEPSS 0.3%CVE-2023-48758HIGHWordPress JetEngine plugin <= 3.2.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-10543MEDIUMTumult Hype Animations <= 1.9.14 - Missing AuthorizationEPSS 0.3%CVE-2026-35061MEDIUMAnviz Products Missing AuthorizationEPSS 0.3%CVE-2023-52179MEDIUMWordPress Product Expiry for WooCommerce plugin <= 2.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-10737HIGHSP Project & Document Manager <= 4.71 - Missing Authorization to Unauthenticated Arbitrary File Information Disclosure via view_file() FunctionEPSS 0.3%CVE-2024-56225MEDIUMWordPress Premium Addons for Elementor plugin <= 4.10.56 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-1897MEDIUMWeKan Position-History Tracking positionHistory.js PositionHistoryBleed authorizationEPSS 0.3%CVE-2026-2941HIGHLinksy Search and Replace <= 1.0.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Database Update via linksy_search_and_replace_item_detailsEPSS 0.3%CVE-2026-9015MEDIUMEqualize Digital Accessibility Checker <= 1.42.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Accessibility Issue Modification via edac_insert_ignore_data AJAX ActionEPSS 0.3%CVE-2025-65098HIGHTypebot Vulnerable to Credential Theft via Client-Side Script Execution and API Authorization BypassEPSS 0.3%CVE-2025-3257MEDIUMxujiangfei admintwo updateSet cross-site request forgeryEPSS 0.3%CVE-2026-3432CRITICALSim Studio AI - Unauthenticated OAuth Token TheftEPSS 0.3%CVE-2025-63069MEDIUMWordPress Ivory Search plugin <= 5.5.12 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-49916HIGHWordPress MultiVendorX plugin <= 4.2.23 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-3561MEDIUMghostxbh uzy-ssm-mall cross-site request forgeryEPSS 0.3%CVE-2026-57355MEDIUMWordPress Classified Listing plugin <= 5.4.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-45307HIGHSudoBot missing authorization check in `-config` commandEPSS 0.3%CVE-2025-14843MEDIUMWizit Gateway for WooCommerce <= 1.2.9 - Missing Authentication to Unauthenticated Arbitrary Order CancellationEPSS 0.3%CVE-2026-57353MEDIUMWordPress Link Whisper Premium plugin <= 2.9.0 - Broken Access Control vulnerabilityEPSS 0.3%