Fallos del tipo CWE-862
7018 resultadosCVE-2025-66060MEDIUMWordPress Seriously Simple Podcasting plugin <= 3.13.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-44559MEDIUMOpen WebUI: Missing Access Check on Channel Members Endpoint for Standard ChannelsEPSS 0.2%CVE-2025-14581MEDIUMHAPPY – Helpdesk Support Ticket System <= 1.0.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Ticket ReplyEPSS 0.2%CVE-2025-15524MEDIUMGallery by FooGallery <= 3.1.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Gallery Metadata ExposureEPSS 0.2%CVE-2025-13309MEDIUMAccessiy By CodeConfig Accessibility – Easy One-Click Accessibility Toolbar That Truly Matters <= 1.0.2 - Authenticated (Subscriber+) Missing Authorization to Modify Accessibility SettingsEPSS 0.2%CVE-2025-24116MEDIUMAn access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS VeEPSS 0.2%CVE-2026-34256HIGHMissing Authorization check in SAP ERP and SAP S/4 HANA (Private Cloud and On-Premise)EPSS 0.2%CVE-2025-8595MEDIUMZakra <= 4.1.5 - Missing Authorization to Subscriber+ Demo ImportEPSS 0.2%CVE-2025-2276MEDIUMUltimate Dashboard <= 3.8.7 - Missing Authorization to Authenticated (Subscriber+) Plugin Modules Activation/DeactivationEPSS 0.2%CVE-2026-20193MEDIUMCisco Identity Services Engine Authentication Bypass VulnerabilityEPSS 0.2%CVE-2023-23729MEDIUMWordPress Spectra – WordPress Gutenberg Blocks plugin <= 2.3.0 - Contributor+ reCAPTCHA Settings Change VulnerabilityEPSS 0.2%CVE-2025-3702MEDIUMWordPress Melapress File Monitor plugin < 2.2.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-13811MEDIUMLafka - Multi Store Burger - Pizza & Food Delivery WooCommerce Theme <= 4.5.7 - Missing Authorization to Authenticated (Subscriber+) Demo ImportEPSS 0.2%CVE-2025-58599MEDIUMWordPress Order Delivery Date for WooCommerce Plugin <= 4.1.0 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-60122MEDIUMWordPress HivePress Claim Listings plugin <= 1.1.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-8996MEDIUMLayout Builder Advanced Permissions - Moderately critical - Access bypass - SA-CONTRIB-2025-097EPSS 0.2%CVE-2025-58813MEDIUMWordPress Consultstreet Theme <= 3.0.0 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-14357MEDIUMMega Store Woocommerce <= 5.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Page Creation and Settings ChangeEPSS 0.2%CVE-2026-43567HIGHOpenClaw < 2026.4.10 - Path Traversal in screen_record outPath ParameterEPSS 0.2%CVE-2024-13816MEDIUMAiomatic - AI Content Writer, Editor, ChatBot & AI Toolkit <= 2.3.6 - Missing Authorization to Authenticated (Subscriber+) Multiple Administrator ActionsEPSS 0.2%