Fallos del tipo CWE-862
7027 resultadosCVE-2025-67737LOWAzuraCast Vulnerable to Pre-Auth File Deletion & Admin RCEEPSS 0.2%CVE-2025-64370MEDIUMWordPress YOP Poll plugin <= 6.5.38 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-1003MEDIUMGetGenie – AI Content Writer with Keyword Research & SEO Tracking Tools <= 4.3.0 - Missing Authorization to Authenticated (Author+) Arbitrary Post DeletionEPSS 0.2%CVE-2026-3552MEDIUMSurfLink < 2.6.0 - Missing Authorization to Authenticated (Subscriber+) 410 Gone URL Import via 'surfl_import_410' AJAX ActionEPSS 0.2%CVE-2022-46845MEDIUMWordPress Slider a SlidersPack plugin <= 2.0.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-12778MEDIUMUltimate Member Widgets for Elementor <= 2.3 - Missing Authorization to Unauthenticated Information ExposureEPSS 0.2%CVE-2026-34050MEDIUMCoolify Settings/Updates Livewire component missing instance administrator authorizationEPSS 0.2%CVE-2026-57649MEDIUMWordPress Shoppable Images Lite plugin <= 1.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-49054MEDIUMWordPress The Post Grid plugin <= 7.9.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-12729MEDIUMweDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot <= 2.3.0 - Missing Authorization to Authenticated (Subscriber+) Data Migration via wedocs_migrate_betterdocs_to_wedocs AJAX ActionEPSS 0.2%CVE-2026-43568HIGHOpenClaw 2026.4.5 through 2026.4.9 - Privilege Escalation via Memory Dreaming Configuration in /dreaming EndpointEPSS 0.2%CVE-2026-25372MEDIUMWordPress Academy LMS plugin <= 3.5.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-25081MEDIUMWordPress Embed RSS plugin <= 3.1 - Arbitrary Shortcode Execution vulnerabilityEPSS 0.2%CVE-2026-1153MEDIUMtechnical-laohu mpay cross-site request forgeryEPSS 0.2%CVE-2024-23230MEDIUMThis issue was addressed with improved file handling. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5.EPSS 0.2%CVE-2025-14540MEDIUMUserback <= 1.0.15 - Missing Authorization to Authenticated (Subscriber+) Plugin's Configuration ExposureEPSS 0.2%CVE-2026-1948MEDIUMNEX-Forms – Ultimate Forms Plugin for WordPress <= 9.1.9 - Missing Authorization to Authenticated (Subscriber+) License Deactivation via deactivate_licenseEPSS 0.2%CVE-2025-12481MEDIUMWP Duplicate Page <= 1.7 - Missing Authorization to Authenticated (Contributor+) Sensitive Information DisclosureEPSS 0.2%CVE-2026-33305MEDIUMOpenEMR has Authorization Bypass in FaxSMS AppDispatch ConstructorEPSS 0.2%CVE-2025-63039MEDIUMWordPress ListingPro theme <= 2.9.9 - Broken Access Control vulnerabilityEPSS 0.2%