Fallos del tipo CWE-862
6960 resultadosCVE-2025-27013MEDIUMWordPress MediCenter theme < 14.7 - Sensitive Data Exposure vulnerabilityEPSS 0.3%CVE-2025-58247MEDIUMWordPress TI WooCommerce Wishlist plugin <= 2.10.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-13484LOWMLflow Experiment-scoped Label Schema CRUD API authorizationEPSS 0.3%CVE-2024-24704MEDIUMWordPress Load More Anything plugin <= 3.3.3 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-22740MEDIUMWordPress Sensei LMS plugin <= 4.24.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-5732MEDIUMcode-projects Traffic Offense Reporting System cross-site request forgeryEPSS 0.3%CVE-2025-31618MEDIUMWordPress Connector to CiviCRM with CiviMcRestFace plugin <= 1.0.10 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-58679MEDIUMWordPress AppMySite plugin <= 3.15.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-62977MEDIUMWordPress 百度站长SEO合集(支持百度/神马/Bing/头条推送) plugin <= 2.1.4 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-5132MEDIUMTmall Demo logout cross-site request forgeryEPSS 0.3%CVE-2024-12855MEDIUMAdForest - Classified Ads WordPress Theme <= 5.1.7 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post/Attachment DeletionEPSS 0.3%CVE-2026-39448HIGHWordPress NOWPayments for WooCommerce plugin <= 1.4.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2024-9630MEDIUMWPS Telegram Chat <= 4.6.0 - Missing Authorization to Information ExposureEPSS 0.3%CVE-2025-22739MEDIUMWordPress LearnPress plugin <= 4.2.7.5 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-58668MEDIUMWordPress WPLMS theme <= 4.970 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-58938HIGHWordPress IDonatePro plugin <= 2.1.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2026-58377HIGHJeecgBoot 3.9.2 - Missing Authorization on OpenAPI Credential Management Endpoints Exposes Access/Secret KeysEPSS 0.3%CVE-2025-6105MEDIUMjflyfox jfinal_cms HOME.java cross-site request forgeryEPSS 0.3%CVE-2022-41650MEDIUMWordPress Custom Content by Country plugin <= 3.1.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-14339MEDIUMweMail <= 2.0.7 - Missing Authorization to Unauthenticated Form DeletionEPSS 0.3%