Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-862 (授权机制缺失) — Vulnerability Class 5531

5531 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-24679 WordPress Internal Links Manager plugin <= 2.5.2 - Broken Access Control vulnerability — Internal Links Manager 4.3 Medium2025-01-24
CVE-2025-24649 WordPress Admin and Site Enhancements (ASE) Plugin <= 7.6.2 - Broken Access Control vulnerability — Admin and Site Enhancements (ASE) 4.3 Medium2025-01-24
CVE-2025-24625 WordPress Taxonomy/Term and Role based Discounts for WooCommerce plugin <= 5.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability — Taxonomy/Term and Role based Discounts for WooCommerce 4.3 Medium2025-01-24
CVE-2025-24652 WordPress WP Duplicate plugin <= 1.1.6 - Broken Access Control vulnerability — WP Duplicate 5.4 Medium2025-01-24
CVE-2025-24613 WordPress FV Thoughtful Comments plugin <= 0.3.5 - Broken Access Control vulnerability — FV Thoughtful Comments 4.3 Medium2025-01-24
CVE-2025-24618 WordPress ElementInvader Addons for Elementor Plugin <= 1.3.1 - Broken Access Control vulnerability — ElementInvader Addons for Elementor 4.3 Medium2025-01-24
CVE-2025-24633 WordPress Build Private Store For Woocommerce plugin <= 1.0 - Broken Access Control vulnerability — Build Private Store For Woocommerce 5.3 Medium2025-01-24
CVE-2025-24596 WordPress WooCommerce Product Table Lite plugin <= 3.8.7 - Broken Access Control vulnerability — WooCommerce Product Table Lite 5.3 Medium2025-01-24
CVE-2025-24604 WordPress VForm plugin <= 3.0.5 - Broken Access Control vulnerability — VPSUForm 5.4 Medium2025-01-24
CVE-2025-24594 WordPress Linet ERP-Woocommerce Integration plugin <= 3.5.7 - CSRF to Broken Access Control vulnerability — Linet ERP-Woocommerce Integration 6.5 Medium2025-01-24
CVE-2025-24588 WordPress Patreon WordPress plugin <= 1.9.1 - Broken Access Control vulnerability — Patreon WordPress 6.5 Medium2025-01-24
CVE-2025-24589 WordPress JSM Show Post Metadata plugin <= 4.6.0 - Broken Access Control vulnerability — JSM Show Post Metadata 4.3 Medium2025-01-24
CVE-2025-24571 WordPress WP Fast Total Search plugin <= 1.78.258 - Broken Access Control vulnerability — WP Fast Total Search 5.4 Medium2025-01-24
CVE-2025-24591 WordPress GDPR CCPA Compliance & Cookie Consent Banner plugin <= 2.7.1 - Broken Access Control vulnerability — GDPR CCPA Compliance Support 4.3 Medium2025-01-24
CVE-2025-24580 WordPress 12 Step Meeting List plugin <= 3.16.5 - Arbitrary Content Deletion vulnerability — 12 Step Meeting List 6.5 Medium2025-01-24
CVE-2025-22611 Coolify vulnerable to Privilege Escalation resulting in Remote Command Execution (RCE) — coolify 10.0 Critical2025-01-24
CVE-2025-22610 Coolify Vulnerable to OAuth Secrets Leak — coolify 7.1 -2025-01-24
CVE-2025-22609 Coolify Vulnerable to Private Key Hijacking / Remote Command Execution (RCE) — coolify 10.0 Critical2025-01-24
CVE-2025-23991 WordPress Product Size Charts Plugin for WooCommerce plugin <= 2.4.5 - Broken Access Control vulnerability — Product Size Charts Plugin for WooCommerce 4.3 Medium2025-01-24
CVE-2024-13698 Jobify - Job Board WordPress Theme <= 4.2.7 - Missing Authorization to Unauthenticated Server-Side Request Forgery, Arbitrary Image Upload, and Image Generation — Jobify - Job Board WordPress Theme 6.5 Medium2025-01-24
CVE-2024-13335 Sastra Essential Addons for Elementor – Free Elementor Addons, Widgets and Templates <= 1.0.14 - Missing Authorization to Spexo Theme Install — Spexo Addons for Elementor – Elementor Widgets, Mega Menu, Popup Builder, Template Kits and Starter Templates for Elementor 4.3 Medium2025-01-24
CVE-2025-23486 WordPress Database Sync plugin <= 0.5.1 - Sensitive Data Exposure vulnerability — Database Sync 6.5 Medium2025-01-22
CVE-2025-23684 WordPress Debug Tool plugin <= 2.2 - Broken Access Control vulnerability — Debug Tool 4.3 Medium2025-01-22
CVE-2025-23512 WordPress Team 118GROUP Agent plugin <= 1.6.0 - Arbitrary Content Deletion vulnerability — Team 118GROUP Agent 7.5 High2025-01-22
CVE-2024-13447 WP Hotel Booking <= 2.1.6 - Missing Authorization to Authenticated (Subscriber+) User Email Retrieval — WP Hotel Booking 4.3 Medium2025-01-22
CVE-2024-13361 AI Power: Complete AI Pack <= 1.8.96 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Shortcode Execution — AI Puffer – Your AI engine for WordPress (formerly AI Power) 6.3 Medium2025-01-22
CVE-2024-12879 WPBot Pro Wordpress Chatbot <= 13.5.5 - Missing Authorization to Authenticated (Subscriber+) Simple Text Response Creation — WPBot Pro Wordpress Chatbot 4.3 Medium2025-01-22
CVE-2025-24461 JetBrains TeamCity 安全漏洞 — TeamCity 6.5 Medium2025-01-21
CVE-2025-22722 WordPress Widget Options plugin <= 4.0.8 - Broken Access Control to Notice Dimissal vulnerability — Widget Options 4.3 Medium2025-01-21
CVE-2025-22721 WordPress ApplyOnline plugin <= 2.6.7.1 - Broken Access Control vulnerability — ApplyOnline 4.3 Medium2025-01-21

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5531 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.