Fallos del tipo CWE-862
6961 resultadosCVE-2025-7756MEDIUMcode-projects E-Commerce Site cross-site request forgeryEPSS 0.2%CVE-2026-57429MEDIUMWordPress Slim SEO plugin <= 4.6.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-8077HIGHWeak credentials vulnerability in the CashDro 3 web administration panelEPSS 0.2%CVE-2025-12783MEDIUMPremmerce Brands for WooCommerce <= 1.2.13 - Missing Authorization To Authenticated (Subscriber+) Brand Permalink Settings UpdateEPSS 0.2%CVE-2025-58650MEDIUMWordPress All In One SEO Pack Plugin <= 4.8.7.1 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-58672MEDIUMWordPress WP User Frontend Plugin <= 4.1.12 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-32212MEDIUMWordPress Specia Companion plugin <= 6.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-24941HIGHWordPress WP Job Portal plugin <= 2.4.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-67976MEDIUMWordPress Watu Quiz plugin <= 3.4.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-57521MEDIUMBitwarden Server < 2026.5.0 Broken Access Control via PreviewInvoiceControllerEPSS 0.2%CVE-2026-59796HIGHIn JetBrains TeamCity before 2026.1.2 pipeline modification was possible due to improper permission checksEPSS 0.2%CVE-2025-53291MEDIUMWordPress Spreadconnect plugin <= 2.1.5 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-60096MEDIUMWordPress TheGem (Elementor) Theme <= 5.10.5 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-31386MEDIUMWordPress Simple:Press plugin <= 6.11.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-58667MEDIUMWordPress ListingPro Reviews plugin < 2.9.11 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-4331MEDIUMBlog2Social: Social Media Auto Post & Scheduler <= 8.8.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Meta Deletion via 'b2s_reset_social_meta_tags' AJAX ActionEPSS 0.2%CVE-2025-60097MEDIUMWordPress TheGem Theme <= 5.10.5 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-66532MEDIUMWordPress Powerlift theme < 3.2.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-2992HIGHKiviCare <= 4.1.2 - Missing Authorization to Unauthenticated Privilege Escalation via Setup WizardEPSS 0.2%CVE-2024-10860MEDIUMNextMove Lite – Thank You Page for WooCommerce <= 2.19.0 - Missing Authorization to Authenticated (Subscriber+) Deactivation Reason SubmissionEPSS 0.2%