Fallos del tipo CWE-862
7010 resultadosCVE-2025-24584MEDIUMWordPress Ultimate Store Kit Elementor Addons plugin <= 2.3.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-65028MEDIUMRallly Has an IDOR Vulnerability in Vote Update Endpoint Allows Unauthorized Manipulation of Participant VotesEPSS 0.2%CVE-2025-13119MEDIUMFabian Ros/SourceCodester Simple E-Banking System cross-site request forgeryEPSS 0.2%CVE-2026-57335MEDIUMWordPress Ads by WPQuads plugin <= 3.0.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-3831MEDIUMDatabase for Contact Form 7, WPforms, Elementor forms <= 1.4.9 - Missing Authorization to Authenticated (Contributor+) Sensitive Information Exposure via ShortcodeEPSS 0.2%CVE-2026-42377HIGHWordPress SureForms Pro plugin <= 2.8.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-9637MEDIUMQuiz and Survey Master (QSM) <= 10.3.1 - Missing Authorization to Unpublished, Private And Password-Protected Quiz Information Disclosure And Image Response UploadsEPSS 0.2%CVE-2025-48013MEDIUMQuick Node Block - Moderately critical - Access bypass - SA-CONTRIB-2025-065EPSS 0.2%CVE-2026-32122MEDIUMOpenEMR: Missing Authorization on Claim File Tracker UI and AJAX Endpoint (V2)EPSS 0.2%CVE-2025-14367MEDIUMEasy Theme Options <= 1.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings ImportEPSS 0.2%CVE-2026-0676MEDIUMWordPress Zorka theme <= 1.5.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-13405MEDIUMAce Post Type Builder <= 1.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Custom Taxonomy Deletion via 'taxonomy' ParameterEPSS 0.2%CVE-2025-13741MEDIUMSchedule Post Changes With PublishPress Future: Unpublish, Delete, Change Status, Trash, Change Categories <= 4.9.2 - Missing Authorization to Authenticated (Contributor+) Authors' Emails ExposureEPSS 0.2%CVE-2024-13775MEDIUMWooCommerce Support Ticket System <= 17.8 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion and Information ExposureEPSS 0.2%CVE-2025-23991MEDIUMWordPress Product Size Charts Plugin for WooCommerce plugin <= 2.4.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-24754MEDIUMWordPress Houzez theme <= 3.4.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-4597MEDIUMWoo Slider Pro - Drag Drop Slider Builder For WooCommerce <= 1.12 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post DeletionEPSS 0.2%CVE-2025-22722MEDIUMWordPress Widget Options plugin <= 4.0.8 - Broken Access Control to Notice Dimissal vulnerabilityEPSS 0.2%CVE-2025-48444MEDIUMQuick Node Block - Moderately critical - Access bypass - SA-CONTRIB-2025-064EPSS 0.2%CVE-2026-39690MEDIUMWordPress Author Avatars List/Block plugin <= 2.1.25 - Broken Access Control vulnerabilityEPSS 0.2%