Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-862 (授权机制缺失) — Vulnerability Class 5531

5531 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-11816 The Ultimate WordPress Toolkit – WP Extended <= 3.0.11 - Missing Authorization to Authenticated (Subscriber+) Remote Code Execution — The Ultimate WordPress Toolkit – WP Extended 8.8 High2025-01-08
CVE-2024-12713 SureForms – Drag and Drop Form Builder for WordPress <= 1.2.2 - Missing Authorization to Unauthenticated Protected Post Disclosure — SureForms – Contact Form, Payment Form & Other Custom Form Builder 5.3 Medium2025-01-08
CVE-2025-22363 WordPress Allada T-shirt Designer for Woocommerce plugin <= 1.1 - Broken Access Control vulnerability — Allada T-shirt Designer for Woocommerce 5.3 Medium2025-01-07
CVE-2025-22319 WordPress MashShare plugin <= 4.0.47 - Broken Access Control vulnerability — Social Media Share Buttons | MashShare 4.3 Medium2025-01-07
CVE-2024-56270 WordPress WP SecureSubmit plugin <= 1.5.20 - Sensitive Data Exposure vulnerability — WP SecureSubmit 5.3 Medium2025-01-07
CVE-2024-56272 WordPress Hide Category by User Role for WooCommerce plugin <= 2.1.1 - Broken Access Control vulnerability — Hide Category by User Role for WooCommerce 4.3 Medium2025-01-07
CVE-2025-22512 WordPress Help Scout Plugin <= 6.5.6 - Broken Access Control vulnerability — Help Scout 4.3 Medium2025-01-07
CVE-2025-22534 WordPress Slides & Presentations Plugin <= 0.0.39 - Broken Access Control vulnerability — Slides & Presentations 5.4 Medium2025-01-07
CVE-2025-22541 WordPress WP Delete Post Copies plugin <= 5.5 - Broken Access Control vulnerability — WP Delete Post Copies 5.4 Medium2025-01-07
CVE-2025-22543 WordPress ST Gallery WP plugin <= 1.0.8 - Settings Change vulnerability — ST Gallery WP 5.4 Medium2025-01-07
CVE-2025-22560 WordPress Saoshyant Page Builder plugin <= 3.8 - Broken Access Control vulnerability — Saoshyant Page Builder 5.3 Medium2025-01-07
CVE-2025-22591 WordPress 1003 Mortgage Application plugin <= 1.87 - Broken Access Control vulnerability — 1003 Mortgage Application 4.3 Medium2025-01-07
CVE-2025-22592 WordPress 1003 Mortgage Application plugin <= 1.87 - Broken Access Control vulnerability — 1003 Mortgage Application 7.5 High2025-01-07
CVE-2024-12711 RSVP and Event Management <= 2.7.13 - Missing Authorization — RSVP and Event Management 5.3 Medium2025-01-07
CVE-2024-12316 Jupiter X Core <= 4.8.5 - Missing Authorization to Unauthenticated Popup Template Export — Jupiter X Core 5.3 Medium2025-01-07
CVE-2024-12033 Jupiter X Core <= 4.8.5 - Missing Authorization to Authenticated Library Sync — Jupiter X Core 4.3 Medium2025-01-07
CVE-2024-51651 WordPress CubeWP Forms plugin <= 1.1.10 - Broken Access Control vulnerability — CubeWP Forms 5.3 Medium2025-01-07
CVE-2024-56271 WordPress WP SecureSubmit plugin <= 1.5.20 - Broken Access Control vulnerability — WP SecureSubmit 4.3 Medium2025-01-07
CVE-2024-56273 WordPress WPvivid Backup plugin <= 0.9.106 - Broken Access Control vulnerability — WPvivid Backup and Migration 4.3 Medium2025-01-07
CVE-2024-56276 WordPress WPForms Lite plugin <= 1.9.2.2 - Broken Access Control vulnerability — Contact Form by WPForms 4.3 Medium2025-01-07
CVE-2024-56294 WordPress Nexter Blocks plugin <= 4.0.7 - Broken Access Control vulnerability — Nexter Blocks 6.4 Medium2025-01-07
CVE-2025-22298 WordPress Hive Support plugin <= 1.1.6 - Broken Access Control vulnerability — Hive Support 4.3 Medium2025-01-07
CVE-2025-22299 WordPress AI for SEO plugin <= 1.2.9 - Broken Access Control vulnerability — AI for SEO 4.3 Medium2025-01-07
CVE-2025-22302 WordPress WP Wand plugin <= 1.2.5 - Broken Access Control vulnerability — WP Wand 5.3 Medium2025-01-07
CVE-2025-22304 WordPress WP Visitor Statistics plugin <= 7.5 - Broken Access Control vulnerability — WP Visitor Statistics (Real Time Traffic) 4.3 Medium2025-01-07
CVE-2024-12719 WordPress File Upload <= 4.24.15 - Missing Authorization to Authenticated (Subscriber+) Limited Path Traversal — Iptanus File Upload 4.3 Medium2025-01-07
CVE-2024-12202 Croma Music <= 3.6 - Authenticated (Subscriber+) Arbitrary Options Update in ironMusic_ajax — Croma Music 8.8 High2025-01-07
CVE-2024-10866 Export Import Menus <= 1.9.1 - Missing Authorization to Unauthenticated Menu Export — Export Import Menus 5.3 Medium2025-01-07
CVE-2024-12781 Aurum - WordPress & WooCommerce Shopping Theme <= 4.0.2 - Missing Authorization to Authenticated (Subscriber+) Demo Content Import — Aurum - WordPress & WooCommerce Shopping Theme 4.3 Medium2025-01-07
CVE-2024-11725 SMS Alert Order Notifications – WooCommerce <= 3.7.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update — SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart Recovery 8.8 High2025-01-07

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5531 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.