Fallos del tipo CWE-862
6926 resultadosCVE-2025-24600MEDIUMWordPress RSVPMaker plugin <= 11.4.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-68565MEDIUMWordPress Twitch Player plugin <= 2.1.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-52738MEDIUMWordPress Wikipedia Preview plugin <= 1.15.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-12849MEDIUMContest Gallery <= 28.0.2 - Missing AuthorizationEPSS 0.3%CVE-2025-68594MEDIUMWordPress Poll, Survey & Quiz Maker Plugin by Opinion Stage plugin <= 19.12.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-7491MEDIUMHUSKY – Products Filter Professional for WooCommerce <= 1.3.6.1 - Insecure Direct Object Reference to UnsubscribeEPSS 0.3%CVE-2026-31266HIGHCraft CMS 5.9.5 and earlier contains a Missing Authorization vulnerability in the migrate endpoint (/actions/app/migrate).EPSS 0.3%CVE-2026-7050MEDIUMForms Rb <= 1.1.9 - Missing Authorization to Authenticated (Contributor+) Arbitrary Modification via 'form_id' ParameterEPSS 0.3%CVE-2025-31544MEDIUMWordPress Swiss Toolkit For WP plugin <= 1.4.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-1981MEDIUMWinston AI <= 0.0.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings DeletionEPSS 0.3%CVE-2025-31540MEDIUMWordPress ACME Divi Modules plugin <= 1.3.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-6883MEDIUMEvent Espresso 4 Decaf – Event Registration Event Ticketing <= 4.10.46.decaf- Authenticated (Subscriber+) Missing Authorization to Limited Plugin Settings ModificationEPSS 0.3%CVE-2025-63008MEDIUMWordPress WP ERP plugin <= 1.16.7 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-5957MEDIUMGuest Support – Complete customer support ticket system for WordPress <= 1.2.2 - Missing Authorization to Unauthenticated Ticket DeletionEPSS 0.3%CVE-2025-63054MEDIUMWordPress Quiz And Survey Master plugin <= 10.3.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-68058HIGHWordPress Institutions Directory plugin <= 1.3..4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-39685MEDIUMWordPress The Moneytizer plugin <= 10.0.10 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-34691MEDIUMMissing Authorization check in SAP S/4HANA (Manage Incoming Payment Files)EPSS 0.3%CVE-2025-14895MEDIUMPopupKit <= 2.2.0 - Missing Authorization to Sensitive Information Disclosure and Data DeletionEPSS 0.3%CVE-2026-23632MEDIUMGogs user can update repository content with read-only permissionEPSS 0.3%