Fallos del tipo CWE-862
7018 resultadosCVE-2025-60152MEDIUMWordPress Subscribe To Unlock Plugin <= 1.1.5 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-48350MEDIUMWordPress AutoWP plugin <= 2.2.7 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-59805HIGHGumroad < 2026.07.06.2 - Insecure Direct Object Reference in PurchasesControllerEPSS 0.2%CVE-2026-49051MEDIUMWordPress WP Meta and Date Remover plugin <= 2.3.6 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-60124MEDIUMMISP importModule missing authorization allows read-only users to modify events via misp_standard importsEPSS 0.2%CVE-2025-60122MEDIUMWordPress HivePress Claim Listings plugin <= 1.1.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66138MEDIUMWordPress Motionger for Elementor plugin <= 2.0.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-53341MEDIUMWordPress Stratus Theme <= 4.2.5 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-60094MEDIUMWordPress Stackable Plugin <= 3.18.1 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-60128MEDIUMWordPress Delisho Plugin <= 1.1.3 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-43567HIGHOpenClaw < 2026.4.10 - Path Traversal in screen_record outPath ParameterEPSS 0.2%CVE-2025-14357MEDIUMMega Store Woocommerce <= 5.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Page Creation and Settings ChangeEPSS 0.2%CVE-2025-60143MEDIUMWordPress Netgsm plugin <= 2.9.69 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-58813MEDIUMWordPress Consultstreet Theme <= 3.0.0 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-58617MEDIUMWordPress F4 Media Taxonomies Plugin <= 1.1.4 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-8996MEDIUMLayout Builder Advanced Permissions - Moderately critical - Access bypass - SA-CONTRIB-2025-097EPSS 0.2%CVE-2025-62106MEDIUMWordPress WP-CRM System plugin <= 3.4.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-57894MEDIUMWordPress WPPizza Plugin <= 3.19.8 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-53236MEDIUMWordPress UDesign Core plugin <= 4.14.0 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-2488MEDIUMProfileGrid <= 5.9.8.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Message DeletionEPSS 0.2%