Fallos del tipo CWE-862
6961 resultadosCVE-2026-24362MEDIUMWordPress Ultimate Post Kit plugin <= 4.0.21 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-23929MEDIUMWordPress Email Capture & Lead Generation Plugin <= 1.0.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2023-35998MEDIUMITM Server Missing Authorization in SOAP EndpointsEPSS 0.2%CVE-2025-68025MEDIUMWordPress Addonify Floating Cart For WooCommerce plugin <= 1.2.17 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-14047MEDIUMWP User Frontend <= 4.2.4 - Missing Authorization to Unauthenticated Arbitrary Attachment DeletionEPSS 0.2%CVE-2025-66141MEDIUMWordPress Scroller plugin <= 2.0.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-23930MEDIUMWordPress PayPal Marketing Solutions plugin <= 1.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68026MEDIUMWordPress LC Wizard plugin <= 2.1.1 - Settings Change vulnerabilityEPSS 0.2%CVE-2025-68024MEDIUMWordPress Addonify – WooCommerce Wishlist plugin <= 2.0.15 - Settings Change vulnerabilityEPSS 0.2%CVE-2026-1925MEDIUMEmailKit – Email Customizer for WooCommerce & WP <= 1.6.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Title ModificationEPSS 0.2%CVE-2026-47125HIGHArcane: Missing admin authorization on global variables endpointEPSS 0.2%CVE-2025-68028MEDIUMWordPress GA4WP: Google Analytics for WordPress plugin <= 2.10.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-23955MEDIUMWordPress Xola plugin <= 1.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-5228HIGHImproper Access Control in Kurt Software Studio's WriteUp Mobile AppEPSS 0.2%CVE-2026-27468MEDIUMMastodon may allow unconfirmed FASP to make subscriptionsEPSS 0.2%CVE-2025-31603MEDIUMWordPress CF7 Spreadsheets plugin <= 2.3.2 - Settings Change vulnerabilityEPSS 0.2%CVE-2025-58968MEDIUMWordPress MaxiBlocks Plugin <= 2.1.3 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-1537MEDIUMLatePoint – Calendar Booking Plugin for Appointments and Events <= 5.2.6 - Missing Authorization to Booking Details ExposureEPSS 0.2%CVE-2025-27294MEDIUMWordPress WP-Asambleas plugin <= 2.85.0 - Arbitrary Shortcode Execution vulnerabilityEPSS 0.2%CVE-2026-33918HIGHOpenEMR Missing Authorization on Claim File Download EndpointEPSS 0.2%