Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-269 (特权管理不恰当) — Vulnerability Class 992

992 vulnerabilities classified as CWE-269 (特权管理不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-33569 WordPress Instant Images plugin <= 6.1.0 - Arbitrary Option Update to Privilege Escalation vulnerability — Instant Images 7.2 High2024-05-17
CVE-2024-34370 WordPress EAN for WooCommerce plugin <= 4.8.9 - Arbitrary Option Update to Privilege Escalation vulnerability — EAN for WooCommerce 7.2 High2024-05-17
CVE-2023-41957 WordPress Simple Membership plugin <= 4.3.4 - Unauthenticated Membership Role Privilege Escalation vulnerability — Simple Membership 8.6 High2024-05-17
CVE-2023-41955 WordPress Essential Addons for Elementor plugin <= 5.8.8 - Contributor+ Privilege Escalation vulnerability — Essential Addons for Elementor 8.8 High2024-05-17
CVE-2023-41954 WordPress ProfilePress plugin <= 4.13.1 - Unauthenticated Limited Privilege Escalation vulnerability — ProfilePress 8.6 High2024-05-17
CVE-2023-41665 WordPress GiveWP plugin <= 2.33.0 - GiveWP Manager+ Privilege Escalation vulnerability — GiveWP 8.8 High2024-05-17
CVE-2023-41243 WordPress WPvivid Backup Plugin plugin <= 0.9.90 - Privilege Escalation on Staging Environment vulnerability — WPvivid Backup and Migration 8.8 High2024-05-17
CVE-2023-37999 WordPress HT Mega Absolute Addons for Elementor plugin <= 2.2.0 - Unauthenticated Privilege Escalation vulnerability — HT Mega 9.8 Critical2024-05-17
CVE-2023-37866 WordPress JetFormBuilder plugin <= 3.0.8 - Authenticated Privilege Escalation vulnerability — JetFormBuilder 7.2 High2024-05-17
CVE-2023-37389 WordPress Booking Package SAASPROJECT plugin <= 1.5.98 - Unauthenticated Privilege Escalation vulnerability — Booking Package 8.8 High2024-05-17
CVE-2023-32244 WordPress Woodmart Core plugin <= 1.0.36 - Privilege Escalation — Woodmart Core 9.8 Critical2024-05-17
CVE-2023-26540 WordPress Houzez theme <= 2.7.1 - Privilege Escalation — Houzez 9.8 Critical2024-05-17
CVE-2023-26009 WordPress Houzez Login Register plugin <= 2.6.3 - Privilege Escalation — Houzez Login Register 9.8 Critical2024-05-17
CVE-2023-25701 WordPress WatchTowerHQ plugin <= 3.6.16 - Privilege Escalation — WatchTowerHQ 9.8 Critical2024-05-17
CVE-2023-23990 WordPress Redirection for Contact Form 7 plugin <= 2.7.0 - Privilege Escalation vulnerability — Redirection for Contact Form 7 7.6 High2024-05-17
CVE-2024-34082 Grav Arbitrary File Read to Account Takeover — grav 8.5 High2024-05-15
CVE-2023-33327 WordPress Leyka plugin <= 3.30.2 - Privilege Escalation vulnerability — Leyka 8.8 High2024-05-14
CVE-2024-30007 Microsoft Brokering File System Elevation of Privilege Vulnerability — Windows Server 2022, 23H2 Edition (Server Core installation) 8.8 High2024-05-14
CVE-2024-3828 Spectra Pro <= 1.1.5 - Authenticated (Author+) Privilege Escalation — Spectra Pro 8.8 High2024-05-10
CVE-2024-0097 CVE — ChatRTX 7.5 High2024-05-09
CVE-2024-0096 CVE — ChatRTX 7.5 High2024-05-09
CVE-2024-4545 EDB Postgres Advanced Server (EPAS) authenticated file read permissions bypass using edbldr — EDB Postgres Advanced Server 7.7 High2024-05-09
CVE-2024-3507 Privilege escalation vulnerability in Lunar — Lunar 7.7 High2024-05-08
CVE-2024-20021 MediaTek 芯片 安全漏洞 — MT6768, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8168, MT8183, MT8188, MT8188T, MT8195, MT8195Z, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8666A, MT8666B, MT8667, MT8673, MT8675, MT8675, MT8676, MT8678, MT8765, MT8766, MT8766Z, MT8768, MT8768A, MT8768B, MT8768T, MT8768Z, MT8781, MT8781, MT8786, MT8788, MT8788T, MT8788, MT8788X, MT8788Z, MT8792, MT8795T, MT8796, MT8798 6.7AIMediumAI2024-05-06
CVE-2023-7241 Webroot Antivirus COM-Hijacking LPE — Webroot AntiVirus (Consumer) and Webroot Endpoint Protection (Business) 7.9 High2024-05-01
CVE-2024-23457 Anti-tampering can be disabled with uninstall password enforced — Client Connector 7.8 High2024-05-01
CVE-2024-33522 Privilege escalation in Calico CNI install binary — Calico 6.7 Medium2024-04-29
CVE-2024-28241 GlPI-Agent MSI package installation doesn't update folder security profile when using non default installation folder — glpi-agent 7.3 High2024-04-25
CVE-2023-51425 WordPress Rencontre plugin <= 3.10.1 - Unauthenticated Account Takeover vulnerability — Rencontre – Dating Site 9.8 Critical2024-04-24
CVE-2024-4017 Privilege Escalation in U-Series Appliance — U-Series Appliance 8.8 High2024-04-19

Vulnerabilities classified as CWE-269 (特权管理不恰当) represent 992 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.