Fallos del tipo CWE-862
7010 resultadosCVE-2026-39655MEDIUMWordPress Mayosis Core plugin <= 5.4.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-49821HIGHFission: Cross-namespace Environment reference in Package allows build-time command execution and SA token exfiltrationEPSS 0.2%CVE-2025-54705MEDIUMWordPress WpEvently plugin <= 4.4.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-1631MEDIUMFeeds for YouTube < 2.6.4 - Subscriber+ License Data DeletionEPSS 0.2%CVE-2025-5033MEDIUMXiaoBingby TeaCMS addUser cross-site request forgeryEPSS 0.2%CVE-2025-0515MEDIUMBuzz Club – Night Club, DJ and Music Festival Event WordPress Theme <= 2.0.4 - Missing Authorization to Authenticated (Subscriber+) Limited Arbitrary Option UpdateEPSS 0.2%CVE-2026-42069HIGHKirby: Read access to site, user and role information is not gated by permissionsEPSS 0.2%CVE-2026-24095MEDIUMMissing Permission Check on Analyze Configuration PageEPSS 0.2%CVE-2025-57972MEDIUMWordPress Helpdesk Support Ticket System for WooCommerce plugin <= 2.1.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-69364MEDIUMWordPress Breeze plugin <= 2.2.21 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-1787MEDIUMLearnPress Export Import <= 4.1.0 - Missing Authentication to Unauthenticated Migrated Course DeletionEPSS 0.2%CVE-2026-32905HIGHOpenClaw < 2026.5.4 - Unauthorized Device-Pairing Bootstrap Code Issuance via Chat CommandEPSS 0.2%CVE-2025-57969MEDIUMWordPress Hide WP Toolbar Plugin <= 2.7 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-59561MEDIUMWordPress Smart Blocks Plugin <= 2.4 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-27688MEDIUMMissing Authorization check in SAP NetWeaver Application Server for ABAPEPSS 0.2%CVE-2025-24744MEDIUMWordPress Bridge Core plugin <= 3.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66088HIGHWordPress PropertyHive plugin <= 2.1.12 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-9979MEDIUMMaspik <= 2.5.6 - Authenticated (Subscriber+) Missing Authorization to Spam Log ExportEPSS 0.2%CVE-2025-57995MEDIUMWordPress DethemeKit For Elementor Plugin <= 2.1.10 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-6703MEDIUMResponsive Blocks <= 2.2.1 - Missing Authorization to Authenticated (Contributor+) Arbitrary Modification via AJAX ActionsEPSS 0.2%