Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-264 (权限、特权和访问控制) — Vulnerability Class 277

277 vulnerabilities classified as CWE-264 (权限、特权和访问控制). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-39387 Huawei HarmonyOS 安全漏洞 — HarmonyOS 6.5 -2023-08-13
CVE-2023-39384 Huawei HarmonyOS 安全漏洞 — HarmonyOS 7.5 -2023-08-13
CVE-2023-39380 Huawei HarmonyOS 授权问题漏洞 — HarmonyOS 7.5 -2023-08-13
CVE-2023-3599 SourceCodester Best Fee Management System Add User admin_class.php save_user access control — Best Fee Management System 6.3 Medium2023-07-10
CVE-2022-48508 Huawei HarmonyOS 安全漏洞 — HarmonyOS 7.5 -2023-07-06
CVE-2023-21641 Permissions, Privileges, and Access Controls in Display — Snapdragon 6.6 Medium2023-07-04
CVE-2023-22633 Fortinet FortiNAC 安全漏洞 — FortiNAC 7.2 High2023-06-13
CVE-2022-36246 Shop Beat Services Vulnerable To Insecure Permissions — studio 8.1 -2023-05-30
CVE-2023-2255 Remote documents loaded without prompt via IFrame — LibreOffice 5.3 -2023-05-25
CVE-2023-24573 Dell Command | Monitor 安全漏洞 — Dell Command Monitor (DCM) 4.7 Medium2023-02-10
CVE-2022-42459 WordPress Image Hover Effects Ultimate plugin <= 9.7.1 - Auth. WordPress Options Change vulnerability — Image Hover Effects Ultimate (WordPress plugin) 7.2 High2022-11-18
CVE-2022-45369 WordPress Plugin for Google Reviews plugin <= 2.2.2 - Auth. Broken Access Control vulnerability — Plugin for Google Reviews (WordPress plugin) 4.3 Medium2022-11-18
CVE-2022-41839 WordPress LoginPress plugin <= 1.6.2 - Broken Access Control vulnerability — LoginPress | Custom Login Page Customizer (WordPress plugin) 5.3 Medium2022-11-18
CVE-2022-42461 WordPress miniOrange's Google Authenticator plugin <= 5.6.1 - Broken Access Control vulnerability — miniOrange's Google Authenticator (WordPress plugin) 5.4 Medium2022-11-18
CVE-2022-41781 WordPress Permalink Manager Lite plugin <= 2.2.20 - Broken Access Control vulnerability — Permalink Manager Lite 6.5 Medium2022-11-18
CVE-2022-38974 WordPress WPML Multilingual CMS premium plugin <= 4.5.10 - Broken Access Control vulnerability — WPML Multilingual CMS (WordPress plugin) 4.3 Medium2022-11-18
CVE-2022-45069 WordPress Crowdsignal Dashboard plugin <= 3.0.9 - Privilege Escalation vulnerability — Crowdsignal Dashboard – Polls, Surveys & more (WordPress plugin) 6.3 Medium2022-11-17
CVE-2022-41132 WordPress Ezoic plugin <= 2.8.8 - Unauthenticated Plugin Settings Change Leading To Stored XSS Vulnerability — Ezoic (WordPress plugin) 6.1 Medium2022-11-17
CVE-2022-45066 WordPress WooSwipe WooCommerce Gallery plugin <= 2.0.1 - Auth. Broken Access Control vulnerability — WooSwipe WooCommerce Gallery (WordPress plugin) 5.4 Medium2022-11-17
CVE-2022-38461 WordPress WPML Multilingual CMS premium plugin <= 4.5.10 - Broken Access Control vulnerability — WPML Multilingual CMS (WordPress plugin) 5.4 Medium2022-11-17
CVE-2022-42460 WordPress Traffic Manager plugin <= 1.4.5 - Broken Access Control vulnerability leading to Stored Cross-Site Scripting (XSS) — Traffic Manager (WordPress plugin) 6.5 Medium2022-11-10
CVE-2022-41978 WordPress Zoho CRM Lead Magnet plugin <= 1.7.5.8 - Auth. Arbitrary Options Update vulnerability — Zoho CRM Lead Magnet (WordPress plugin) 8.8 High2022-11-09
CVE-2022-38104 WordPress Accordions plugin <= 2.0.3 - Auth. WordPress Options Change vulnerability — Accordions – Multiple Accordions or FAQs Builder (WordPress plugin) 7.2 High2022-10-21
CVE-2022-3421 Privilege escalation in Google Drive for Desktop on MacOS — Drive for Desktop MacOS 5.6 Medium2022-10-17
CVE-2021-28052 Hitachi Content Platform Information Disclosure Vulnerability — Hitachi Content Platform 7.5 High2022-09-26
CVE-2022-38134 WordPress Customer Reviews for WooCommerce plugin <= 5.3.5 - Authenticated Broken Access Control vulnerability — Customer Reviews for WooCommerce (WordPress plugin) 4.3 Medium2022-09-23
CVE-2022-35238 WordPress Awesome Filterable Portfolio plugin <= 1.9.7 - Unauthenticated Plugin Settings Change vulnerability — Awesome Filterable Portfolio (WordPress plugin) 6.5 Medium2022-09-23
CVE-2022-38135 WordPress Photospace Gallery plugin <= 2.3.5 - Broken Access Control vulnerability — Photospace Gallery (WordPress plugin) 5.4 Medium2022-09-12
CVE-2022-36793 WordPress WP Shop plugin <= 3.9.6 - Unauthenticated Plugin Settings Change & Data Deletion vulnerabilities — WP Shop (WordPress plugin) 6.5 Medium2022-09-09
CVE-2022-38067 WordPress Event Calendar – Calendar plugin <= 1.4.6 - Unauthenticated Event Deletion vulnerability — Event Calendar – Calendar (WordPress plugin) 6.5 Medium2022-09-09

Vulnerabilities classified as CWE-264 (权限、特权和访问控制) represent 277 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.