Fallos del tipo CWE-862
7000 resultadosCVE-2023-28619MEDIUMWordPress Resoto theme <= 1.0.8 - Broken Access Control to Arbitrary Plugin ActivationEPSS 0.2%CVE-2026-40782MEDIUMWordPress WPAdverts plugin <= 2.3.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-31915MEDIUMWordPress Flatsome theme <= 3.19.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-45393MEDIUMComputer Vision Annotation Tool (CVAT) is missing authorization for endpoints related to webhook deliveriesEPSS 0.2%CVE-2025-67993MEDIUMWordPress Atarim plugin <= 4.2.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-57324MEDIUMWordPress GIFT4U plugin <= 1.0.10 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68049MEDIUMWordPress bunny.net plugin <= 2.3.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-69095MEDIUMWordPress Reservation Plugin plugin <= 1.7 - Settings Change vulnerabilityEPSS 0.2%CVE-2025-67913MEDIUMWordPress Aruba HiSpeed Cache plugin < 3.0.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68547HIGHWordPress Follow My Blog Post plugin <= 2.4.0 - Arbitrary Content Deletion vulnerabilityEPSS 0.2%CVE-2025-49980MEDIUMWordPress WP User Profile Avatar plugin <= 1.0.6 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-49949MEDIUMWordPress Templazee plugin <= 1.0.2 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-57688HIGHWordPress POS Entegratör plugin <= 3.7.103 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-39525MEDIUMWordPress Booking Activities plugin <= 1.16.48.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-49902MEDIUMWordPress Login Page Customizer – Customizer Login Page, Admin Page, Custom Design plugin <= 2.1.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-6865MEDIUMDaiCuo index cross-site request forgeryEPSS 0.2%CVE-2026-27328MEDIUMWordPress EduBlink theme <= 2.0.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-8689MEDIUMVisualizer: Tables and Charts Manager for WordPress <= 3.11.14 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Chart Creation and Modification via renderChartPages() and uploadData() FunctionsEPSS 0.2%CVE-2025-9076MEDIUMMattermost Server exposes sensitive user credentials during shared channel membership synchronizationEPSS 0.2%CVE-2024-13687MEDIUMTeam Builder – Meet the Team <= 1.3 - Missing Authorization to Authenticated (Subscriber+) Settings UpdateEPSS 0.2%