Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-862 (授权机制缺失) — Vulnerability Class 5531

5531 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-24744 WordPress Bridge Core plugin <= 3.3 - Broken Access Control vulnerability — Bridge Core 4.3 Medium2025-01-27
CVE-2025-24747 WordPress Houzez theme <= 3.4.0 - Broken Access Control vulnerability — Houzez 5.3 Medium2025-01-27
CVE-2025-24734 WordPress Better Find and Replace plugin <= 1.6.7 - Privilege Escalation vulnerability — Better Find and Replace 8.8 High2025-01-27
CVE-2025-24653 WordPress Admin and Site Enhancements (ASE) Pro Plugin <= 7.6.1.1 - Broken Access Control vulnerability — Admin and Site Enhancements (ASE) Pro 4.3 Medium2025-01-27
CVE-2025-24662 WordPress LearnDash LMS Plugin <= 4.20.0.1 - Broken Access Control vulnerability — LearnDash LMS 5.3 Medium2025-01-27
CVE-2025-24603 WordPress Print Labels with Barcodes. Create price tags, product labels, order labels for WooCommerce plugin <= 3.4.10 - Broken Access Control vulnerability — Print Barcode Labels for your WooCommerce products/orders 4.3 Medium2025-01-27
CVE-2025-24600 WordPress RSVPMaker plugin <= 11.4.5 - Broken Access Control vulnerability — RSVPMarker 5.3 Medium2025-01-27
CVE-2025-24606 WordPress Client Invoicing by Sprout Invoices – Easy Estimates and Invoices for WordPress plugin <=20.8.1 - Broken Access Control vulnerability — Client Invoicing by Sprout Invoices 6.4 Medium2025-01-27
CVE-2025-24590 WordPress picu – Online Photo Proofing Gallery plugin <= 2.4.0 - Broken Access Control vulnerability — picu 5.3 Medium2025-01-27
CVE-2025-23849 WordPress PAPERCITE plugin <= 0.5.18 - Broken Access Control vulnerability — PAPERCITE 5.4 Medium2025-01-27
CVE-2025-23656 WordPress Donate visa plugin <= 1.0.0 - Stored Cross Site Scripting (XSS) vulnerability — Donate visa 6.5 Medium2025-01-27
CVE-2025-23529 WordPress Minterpress plugin <= 1.0.5 - Arbitrary Content Deletion vulnerability — Minterpress 6.5 Medium2025-01-27
CVE-2025-24754 WordPress Houzez theme <= 3.4.0 - Broken Access Control vulnerability — Houzez 4.3 Medium2025-01-27
CVE-2025-24584 WordPress Ultimate Store Kit Elementor Addons plugin <= 2.3.0 - Broken Access Control vulnerability — Ultimate Store Kit Elementor Addons 4.3 Medium2025-01-27
CVE-2024-11936 Zox News <= 3.16.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update — Zox News 8.8 High2025-01-26
CVE-2024-10574 Quiz Maker Business, Developer, and Agency <= (Multiple Versions) - Missing Authorization to Google Sheets Integration Credentials Modification and Stored Cross-Site Scripting — Quiz Maker Developer 7.2 High2025-01-26
CVE-2024-13449 Boom Fest <= 2.2.1 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Update — Boom Fest 4.3 Medium2025-01-25
CVE-2024-12826 GoHero Store Customizer for WooCommerce <= 3.5 - Missing Authorization to Unuthenticated Settings Update — GoHero Store Customizer for WooCommerce 4.3 Medium2025-01-25
CVE-2024-13370 Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress <= 1.3.3 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update (save_addon_key_license) — Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress 6.5 Medium2025-01-25
CVE-2024-13368 Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress <= 1.3.4 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update — Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress 4.3 Medium2025-01-25
CVE-2024-12113 Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress By KaineLabs <= 1.3.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Review Deletion — Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress 4.3 Medium2025-01-25
CVE-2025-24736 WordPress Post Duplicator plugin <= 2.35 - Broken Access Control vulnerability — Post Duplicator 4.3 Medium2025-01-24
CVE-2025-24753 WordPress Kadence Blocks plugin <= 3.3.1 - Broken Access Control vulnerability — Gutenberg Blocks by Kadence Blocks 4.3 Medium2025-01-24
CVE-2025-24751 WordPress CoBlocks plugin <= 3.1.13 - Broken Access Control vulnerability — CoBlocks 4.3 Medium2025-01-24
CVE-2025-24750 WordPress ExactMetrics plugin <= 8.1.0 - Broken Access Control vulnerability — ExactMetrics 5.4 Medium2025-01-24
CVE-2025-24725 WordPress Thim Elementor Kit Plugin <= 1.2.8 - Broken Access Control vulnerability — Thim Elementor Kit 4.3 Medium2025-01-24
CVE-2025-24705 WordPress WooCommerce Quick View plugin <= 1.1.1 - Sensitive Data Exposure vulnerability — WooCommerce Quick View 5.3 Medium2025-01-24
CVE-2025-24691 WordPress People Lists plugin <= 1.3.10 - Broken Access Control vulnerability — People Lists 4.3 Medium2025-01-24
CVE-2025-24693 WordPress Advanced Notifications plugin <= 1.2.7 - Broken Access Control vulnerability — Advanced Notifications 4.3 Medium2025-01-24
CVE-2025-24682 WordPress Super Block Slider plugin <= 2.7.9 - Broken Access Control vulnerability — Super Block Slider 4.3 Medium2025-01-24

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5531 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.