Fallos del tipo CWE-862
6923 resultadosCVE-2025-0939MEDIUMMagicForm - WordPress Form Builder <= 1.6.2 - Missing AuthorizationEPSS 0.3%CVE-2025-63294MEDIUMWorkDo HRM SaaS HR and Payroll Tool 8.1 is affected vulnerable to Insecure Permissions. An authenticated user can create leave or resignatioEPSS 0.3%CVE-2025-69313HIGHWordPress PostX plugin <= 5.0.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-25309HIGHWordPress PublishPress Authors plugin <= 4.10.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-64631MEDIUMWordPress WCFM Marketplace plugin <= 3.7.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-58009LOWWordPress CP Multi View Event Calendar plugin <= 1.4.35 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-39513HIGHWordPress Easy Appointments plugin <= 3.12.21 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-1671MEDIUMActivity Log for WordPress <= 1.2.8 - Missing Authorization to Sensitive Information Exposure via Log FileEPSS 0.3%CVE-2026-27374HIGHWordPress WooCommerce Order Details plugin <= 3.1 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-64209HIGHWordPress Masterstudy theme < 4.8.122 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-1303MEDIUMMailChimp Campaigns <= 3.2.4 - Missing Authorization to Authenticated (Subscriber+) MailChimp App DisconnectionEPSS 0.3%CVE-2025-13440MEDIUMPremmerce Wishlist for WooCommerce <= 1.1.10 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Wishlist DeletionEPSS 0.3%CVE-2025-62086MEDIUMWordPress Яндекс Доставка (Boxberry) plugin <= 2.34 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-7956MEDIUMAjax Search Lite <= 4.13.1 - Missing Authorization to Unauthenticated Basic Information Exposure via ASL_Query in AJAX Search HandlerEPSS 0.3%CVE-2024-4138MEDIUMMissing Authorization Checks in SAP S/4 HANA (Manage Bank Statement Reprocessing Rules)EPSS 0.3%CVE-2024-4139MEDIUMMissing Authorization Checks in SAP S/4 HANA (Manage Bank Statement Reprocessing Rules)EPSS 0.3%CVE-2025-31469MEDIUMWordPress Clear Sucuri Cache plugin <= 1.4 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-2298HIGHAuthenticated API Endpoint Allows Arbitrary File Deletion in Dremio SoftwareEPSS 0.3%CVE-2025-32213MEDIUMWordPress Flo Forms plugin <= 1.0.43 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-41394HIGHOpenClaw < 2026.3.31 - Unauthorized Operator Scope Access in Unauthenticated Plugin-Auth RoutesEPSS 0.3%