Fallos del tipo CWE-862
6926 resultadosCVE-2025-14895MEDIUMPopupKit <= 2.2.0 - Missing Authorization to Sensitive Information Disclosure and Data DeletionEPSS 0.3%CVE-2022-32966MEDIUMRealtek RTL8111FP-CG - Missing AuthorizationEPSS 0.3%CVE-2026-39658MEDIUMWordPress Panda Pods Repeater Field plugin <= 1.5.12 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-23632MEDIUMGogs user can update repository content with read-only permissionEPSS 0.3%CVE-2026-39685MEDIUMWordPress The Moneytizer plugin <= 10.0.10 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-63054MEDIUMWordPress Quiz And Survey Master plugin <= 10.3.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-68058HIGHWordPress Institutions Directory plugin <= 1.3..4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-32208MEDIUMWordPress Hive Support plugin <= 1.2.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-6441MEDIUMCanto <= 3.1.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Setting ModificationEPSS 0.3%CVE-2025-47563MEDIUMWordPress CURCY plugin <= 2.3.7 - Arbitrary Shortcode Execution vulnerabilityEPSS 0.3%CVE-2024-6883MEDIUMEvent Espresso 4 Decaf – Event Registration Event Ticketing <= 4.10.46.decaf- Authenticated (Subscriber+) Missing Authorization to Limited Plugin Settings ModificationEPSS 0.3%CVE-2025-62754MEDIUMWordPress Payment Gateway bKash for WC plugin <= 3.1.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-13416MEDIUMProfileGrid – User Profiles, Groups and Communities <= 5.9.7.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User SuspensionEPSS 0.3%CVE-2025-66071MEDIUMWordPress Custom Order Numbers for WooCommerce plugin <= 1.11.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-63049MEDIUMWordPress ListingPro Lead Form plugin <= 1.0.7 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-1655MEDIUMEventPrime <= 4.2.8.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Event Modification via 'event_id' ParameterEPSS 0.3%CVE-2024-13651MEDIUMRapidLoad – Optimize Web Vitals Automatically <= 2.4.4 - Missing Authorization to Authenticated (Subscriber+) Limited Setting ResetEPSS 0.3%CVE-2025-49961MEDIUMWordPress Breeze Checkout plugin <= 1.4.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-2290MEDIUMLifterLMS <= 8.0.1 - Missing Authorization to Unauthenticated Post TrashingEPSS 0.3%CVE-2024-49687MEDIUMWordPress Smart Manager plugin <= 8.45.0 - Broken Access Control vulnerabilityEPSS 0.3%