Fallos del tipo CWE-862
7009 resultadosCVE-2025-3863MEDIUMPost Carousel Slider for Elementor <= 1.6.0 - Authenticated (Subscriber+) Missing Authorization via process_wbelps_promo_form FunctionEPSS 0.2%CVE-2025-1233MEDIUMLafka Plugin <= 7.1.0 - Missing Authorization to Authenticated (Subscriber+) Theme Option UpdateEPSS 0.2%CVE-2025-62019MEDIUMWordPress Recipe Card Blocks for Gutenberg & Elementor plugin <= 3.4.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66080MEDIUMWordPress WP Cookie Notice for GDPR, CCPA & ePrivacy Consent plugin <= 4.0.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-40571MEDIUMNamelessMC: Reactions on private or blocking profile posts can be modified without proper authorizationEPSS 0.2%CVE-2025-49971MEDIUMWordPress eDS Responsive Menu plugin <= 1.2 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-23189MEDIUMMissing Authorization Check in SAP NetWeaver and ABAP Platform (SDCCN)EPSS 0.2%CVE-2026-59853MEDIUMSiYuan: Publish-mode Reader can exfiltrate private saved-search Criteria via /api/storage/getCriteria (missing publish-access filter)EPSS 0.2%CVE-2026-22458MEDIUMWordPress Wanderland theme <= 1.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-31841MEDIUMWordPress FPW Category Thumbnails Plugin <= 1.9.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-1528MEDIUMSearch and filter pro <= 2.5.19 - Missing Authorization to Authenticated (Subscriber+) Post Meta ExposureEPSS 0.2%CVE-2026-39716MEDIUMWordPress Flipmart theme <= 2.8 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-4795MEDIUMA missing authorization vulnerability in Zyxel GS1200-5v3 firmware versions through 1.00(ACPS.2)C0, GS1200-8v3 firmware versions through 1.0EPSS 0.2%CVE-2026-0593MEDIUMWP Go Maps (formerly WP Google Maps) <= 10.0.04 - Missing Authorization to Authenticated (Subscriber+) Map Engine Setting ModificationEPSS 0.2%CVE-2025-13750MEDIUMConverter for Media <= 6.3.2 - Missing Authorization to Authenticated (Subscriber+) Optimized Image Deletion via regenerate-attachment REST EndpointEPSS 0.2%CVE-2024-0394HIGHRapid7 Minerva Armor Privilege EscalationEPSS 0.2%CVE-2026-15320MEDIUMSipeed PicoClaw pico.go rt.ReloadConfig authorizationEPSS 0.2%CVE-2025-58258MEDIUMWordPress Lazy Blocks Plugin <= 4.1.0 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-39553MEDIUMWordPress Church Admin plugin <= 5.0.9 - Sensitive Data Exposure vulnerabilityEPSS 0.2%CVE-2025-9218LOWrtMedia for WordPress, BuddyPress and bbPress 4.7.0 - 4.7.3 - Missing Authorization to Unauthenticated Information Disclosure via handle_rest_pre_dispatch FunctionEPSS 0.2%