Fallos del tipo CWE-862
7017 resultadosCVE-2025-69009MEDIUMWordPress Medicalequipment theme <= 1.0.9 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-5693MEDIUMSmart Appointment & Booking <= 1.0.8 - Missing Authorization to Unauthenticated Arbitrary Booking CancellationEPSS 0.2%CVE-2025-6726MEDIUMBlock Editor Gallery Slider <= 1.1.1 - Missing Authorization to Authenticated (Subscriber+) Limited Post Meta UpdateEPSS 0.2%CVE-2026-39637MEDIUMWordPress Mogi theme <= 1.2.3 - Arbitrary Shortcode Execution vulnerabilityEPSS 0.2%CVE-2026-24982MEDIUMWordPress Spectra plugin <= 2.19.17 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25404MEDIUMWordPress WP Job Manager plugin <= 2.4.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-54743MEDIUMWordPress Download After Email Plugin 2.1.5-2.1.6 - Other Vulnerability Type VulnerabilityEPSS 0.2%CVE-2026-39669MEDIUMWordPress NitroPack plugin <= 1.19.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68994MEDIUMWordPress Product Loops for WooCommerce plugin <= 2.1.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-67929MEDIUMWordPress TI WooCommerce Wishlist plugin <= 2.10.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-9187MEDIUMAbandoned Contact Form 7 <= 2.2 - Missing Authorization to Unauthenticated Arbitrary Post Deletion via 'recover_id' ParameterEPSS 0.2%CVE-2026-23543MEDIUMWordPress Essential Addons for Elementor plugin <= 6.5.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-68993MEDIUMWordPress Share, Print and PDF Products for WooCommerce plugin <= 3.1.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-12113MEDIUMAppointment Booking Calendar <= 1.4.02 - Missing Authorization to Authenticated (Contributor+) Sensitive Information DisclosureEPSS 0.2%CVE-2026-33915MEDIUMOpenEMR Missing ACL Checks on Insurance Company API RoutesEPSS 0.2%CVE-2025-49982MEDIUMWordPress WP Customer Area plugin <= 8.3.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66083MEDIUMWordPress WpEvently plugin <= 5.0.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-45244LOWSummarize < 0.15.1 Unapproved Browser Automation ExecutionEPSS 0.2%CVE-2026-9172MEDIUMDevs Accounting <= 1.2.0 - Missing Authorization to Unauthenticated Account Deletion via /delete-account/ REST EndpointEPSS 0.2%CVE-2025-8488MEDIUMUltimate Addons for Elementor (Formerly Elementor Header & Footer Builder) <= 2.4.6 - Missing Authorization to Authenticated (Subscriber+) Limited Settings UpdateEPSS 0.2%