Fallos del tipo CWE-862
6948 resultadosCVE-2025-47472MEDIUMWordPress Music Player for WooCommerce plugin <= 1.5.1 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-39554MEDIUMWordPress AI Text to Speech plugin <= 3.0.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-22702MEDIUMWordPress Photography Theme <= 7.7.2 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-49991HIGHRustFS Snowball Auto-Extract: Path Traversal allows cross-bucket object injectionEPSS 0.3%CVE-2025-28985MEDIUMWordPress Elastic Email Subscribe Form plugin <= 1.2.2 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-49324MEDIUMWordPress Job Board Manager plugin <= 2.1.60 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-50009MEDIUMWordPress Kata Plus plugin <= 1.5.3 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-53255MEDIUMWordPress HurryTimer plugin <= 2.13.1 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2026-4094HIGHFOX – Currency Switcher Professional for WooCommerce <= 1.4.5 - Missing Authorization to Authenticated (Contributor+) Configuration DeletionEPSS 0.3%CVE-2025-47526MEDIUMWordPress GS Variation Swatches for WooCommerce plugin <= 3.0.4 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-49236MEDIUMWordPress Raychat plugin <= 2.1.0 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-49270MEDIUMWordPress WP-CRM System plugin <= 3.4.2 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2024-9626MEDIUMEditorial Assistant by Sovrn <= 1.3.3 - Missing Authorization to Authenticated (Subscriber+) Attachment Upload and Set Post Featured ImageEPSS 0.3%CVE-2025-31923MEDIUMWordPress CSS3 Accordions for WordPress plugin <= 3.0 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2025-49320MEDIUMWordPress FraudLabs Pro for WooCommerce plugin <= 2.22.11 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2024-56349MEDIUMIn JetBrains TeamCity before 2024.12 improper access control allowed unauthorized users to modify build logsEPSS 0.3%CVE-2026-3506MEDIUMWP-Chatbot for Messenger <= 4.9 - Missing Authorization to Unauthenticated Chatbot Configuration TakeoverEPSS 0.3%CVE-2025-29006MEDIUMWordPress Direct Checkout for WooCommerce Lite plugin <= 1.0.3 - Broken Access Control VulnerabilityEPSS 0.3%CVE-2024-11911MEDIUMWP Crowdfunding <= 2.1.12 - Missing Authorization to Authenticated (Subscriber+) WooCommerce InstallationEPSS 0.3%CVE-2025-31630MEDIUMWordPress The Business <= 1.6.1 - Broken Access Control VulnerabilityEPSS 0.3%