Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-862 (授权机制缺失) — Vulnerability Class 5531

5531 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-23477 WordPress Realty Workstation plugin <= 1.0.45 - Broken Access Control vulnerability — Realty Workstation 8.2 High2025-01-21
CVE-2025-22717 WordPress My Tickets plugin <= 2.0.9 - Broken Access Control vulnerability — My Tickets 7.5 High2025-01-21
CVE-2025-22318 WordPress Standard Box Sizes plugin <= 1.6.13 - Broken Access Control vulnerability — Standard Box Sizes – for WooCommerce 7.5 High2025-01-21
CVE-2024-12104 Visual Website Collaboration, Feedback & Project Management – Atarim <= 4.0.9 - Missing Authorization to Authenticated (Subscriber+) Project Page/File Deletion — Atarim – Visual Feedback, Review & AI Collaboration 5.3 Medium2025-01-21
CVE-2025-0515 Buzz Club – Night Club, DJ and Music Festival Event WordPress Theme <= 2.0.4 - Missing Authorization to Authenticated (Subscriber+) Limited Arbitrary Option Update — Buzz Club – Night Club, DJ and Music Festival Event WordPress Theme 4.3 Medium2025-01-18
CVE-2024-12071 Evergreen Content Poster – Auto Post and Schedule Your Best Content to Social Media <= 1.4.4 - Missing Authorization to Unauthenticated Arbitrary Post Deletion — Evergreen Content Poster – Auto Post and Schedule Your Best Content to Social Media 5.3 Medium2025-01-18
CVE-2024-13367 Sandbox <= 0.4 - Missing Authorization to Authenticated (Subscriber+) Sandbox Download — Sandbox 6.5 Medium2025-01-17
CVE-2025-23764 WordPress Copy Move Posts plugin <= 1.6 - Broken Access Control vulnerability — Copy Move Posts 5.3 Medium2025-01-16
CVE-2025-23761 WordPress Woo Tuner plugin <= 0.1.2 - Broken Access Control vulnerability — Woo Tuner 5.4 Medium2025-01-16
CVE-2025-23957 WordPress Sur.ly plugin <= 3.0.3 - Broken Access Control vulnerability — Sur.ly 4.3 Medium2025-01-16
CVE-2025-23955 WordPress Xola plugin <= 1.6 - Broken Access Control vulnerability — Xola 4.3 Medium2025-01-16
CVE-2025-23961 WordPress WordPress Graphs & Charts Plugin <= 2.0.8 - Broken Access Control vulnerability — WordPress Graphs & Charts 5.4 Medium2025-01-16
CVE-2025-23963 WordPress Mark Posts plugin <= 2.2.4 - Broken Access Control vulnerability — Mark Posts 5.4 Medium2025-01-16
CVE-2025-23962 WordPress Goldstar plugin <= 2.1.1 - Broken Access Control vulnerability — Goldstar 4.3 Medium2025-01-16
CVE-2025-23954 WordPress Salvador – AI Image Generator plugin <= 1.0.11 - Broken Access Control vulnerability — Salvador – AI Image Generator 4.3 Medium2025-01-16
CVE-2025-23917 WordPress Chamber Dashboard Business Directory Plugin <= 3.3.8 - Broken Access Control vulnerability — Chamber Dashboard Business Directory 5.4 Medium2025-01-16
CVE-2025-23930 WordPress PayPal Marketing Solutions plugin <= 1.2 - Broken Access Control vulnerability — PayPal Marketing Solutions 4.3 Medium2025-01-16
CVE-2025-23929 WordPress Email Capture & Lead Generation Plugin <= 1.0.2 - Broken Access Control vulnerability — Email Capture & Lead Generation 4.3 Medium2025-01-16
CVE-2025-23916 WordPress WP Meetup plugin <= 2.3.0 - Settings Change vulnerability — WP Meetup 5.4 Medium2025-01-16
CVE-2025-23862 WordPress Contact Form 7 Anti Spambot plugin <= 1.0.1 - Broken Access Control vulnerability — Contact Form 7 Anti Spambot 5.3 Medium2025-01-16
CVE-2025-23785 WordPress AI Responsive Gallery Album plugin <= 1.4 - Broken Access Control vulnerability — AI Responsive Gallery Album 4.3 Medium2025-01-16
CVE-2025-23778 WordPress User Sync ActiveCampaign plugin <= 1.3.2 - Broken Access Control vulnerability — User Sync ActiveCampaign 5.4 Medium2025-01-16
CVE-2025-23776 WordPress Cache Sniper for Nginx plugin <= 1.0.4.2 - Broken Access Control vulnerability — Cache Sniper for Nginx 4.3 Medium2025-01-16
CVE-2025-23514 WordPress Loginplus plugin <= 1.2 - Broken Access Control vulnerability — Loginplus 5.3 Medium2025-01-16
CVE-2025-23423 WordPress SendGrid for WordPress plugin <= 1.4 - Broken Access Control vulnerability — SendGrid for WordPress 4.3 Medium2025-01-16
CVE-2024-12427 Multi Step Form <= 1.7.23 - Missing Authorization to Unauthenticated Limited File Upload — Multi Step Form 5.3 Medium2025-01-16
CVE-2024-56295 WordPress Poll Maker plugin <= 5.5.6 - Broken Access Control vulnerability — Poll Maker 6.5 Medium2025-01-15
CVE-2025-22729 WordPress VOD Infomaniak plugin <= 1.5.9 - Broken Access Control vulnerability — VOD Infomaniak 4.3 Medium2025-01-15
CVE-2025-22737 WordPress WpTravelly Plugin <= 1.8.5 - Broken Access Control vulnerability — WpTravelly 5.3 Medium2025-01-15
CVE-2025-22779 WordPress WP News Sliders plugin <= 1.0 - Broken Access Control vulnerability — WP News Sliders 4.3 Medium2025-01-15

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5531 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.