Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-862 (授权机制缺失) — Vulnerability Class 5532

5532 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-11725 SMS Alert Order Notifications – WooCommerce <= 3.7.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update — SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart Recovery 8.8 High2025-01-07
CVE-2024-10536 FancyPost – Best Ultimate Post Block, Post Grid, Layouts, Carousel, Slider For Gutenberg & Elementor <= 6.0.0 - Missing Authorization to Authenticated (Subscriber+) Shortcode Export — FancyPost – Post Blocks, Grids & Sliders for Block Editor and Elementor 4.3 Medium2025-01-07
CVE-2024-12535 Host PHP Info <= 1.0.4 - Missing Authorization to Unauthenticated Sensitive Information Disclosure — Host PHP Info 8.6 High2025-01-07
CVE-2024-9697 Social Rocket – Social Sharing Plugin <= 1.3.4 - Missing Authorization to Settings Update — Social Rocket – Social Sharing Plugin 5.3 Medium2025-01-07
CVE-2024-12327 LazyLoad Background Images <= 1.0.7 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Update — LazyLoad Background Images 4.3 Medium2025-01-07
CVE-2024-11496 Infility Global <= 2.9.8 - Authenticated (Subscriber+) Missing Authorization to Plugin Options Update — Infility Global 6.5 Medium2025-01-07
CVE-2024-12176 WordLift – AI powered SEO – Schema <= 3.54.2 - Missing Authorization to Authenticated (Subscriber+) Settings Update — WordLift – AI powered SEO – Schema 5.3 Medium2025-01-07
CVE-2024-12158 Popup – MailChimp, GetResponse and ActiveCampaign Intergrations <= 3.2.6 - Missing Authorization to Unauthenticated DB Table Truncation — Popup – MailChimp, GetResponse and ActiveCampaign Intergrations 5.3 Medium2025-01-07
CVE-2024-10527 Spacer <= 3.0.7 - Missing Authorization to Authenticated (Subscriber+) Limited Information Disclosure — Spacer 3.1 Low2025-01-07
CVE-2024-12559 ClickDesigns <= 1.8.0 - Missing Authorization to API Key Modification or Removal — ClickDesigns 5.3 Medium2025-01-07
CVE-2024-55408 ASUS System Analysis IO 安全漏洞 — ASCI 8.8 -2025-01-06
CVE-2025-22385 Optimizely Configured Commerce 安全漏洞 — n/a 5.3 -2025-01-04
CVE-2022-45811 WordPress Post Teaser plugin <= 4.1.5 - Auth. Broken Access Control vulnerability — Post Teaser 5.4 Medium2025-01-02
CVE-2022-47601 WordPress WP Table Manager plugin <= 3.5.2 - Broken Access Control — WP Table Manager 5.3 Medium2025-01-02
CVE-2023-23672 WordPress GiveWP plugin <= 2.25.1 - Arbitrary Content Deletion vulnerability — GiveWP 5.4 Medium2025-01-02
CVE-2023-32240 WordPress Woodmart theme <= 7.2.1 - Broken Access Control vulnerability — WoodMart 5.4 Medium2025-01-02
CVE-2023-39994 WordPress ARMember Premium plugin <= 5.9.2 - Broken Access Control — ARMember Premium 4.3 Medium2025-01-02
CVE-2022-45830 WordPress Analytify - Google Analytics Dashboard plugin <= 4.2.3 - Privilege Escalation vulnerability — Analytify 6.5 Medium2025-01-02
CVE-2023-40327 WordPress Putler Connector for WooCommerce plugin <= 2.12.0 - Unauthenticated Broken Access Control vulnerability — Putler Connector for WooCommerce 6.5 Medium2025-01-02
CVE-2023-45272 WordPress 10Web Map Builder for Google Maps plugin <= 1.0.73 - Notice Dismissal Vulnerability — 10Web Map Builder for Google Maps 5.4 Medium2025-01-02
CVE-2023-45633 WordPress IMPress Listings plugin <= 2.6.2 - Broken Access Control vulnerability — IMPress Listings 6.5 Medium2025-01-02
CVE-2022-41995 WordPress Photo Gallery – Image Gallery by Ape Plugin <= 2.2.8 is vulnerable to Broken Access Control — Gallery Images Ape 4.3 Medium2025-01-02
CVE-2022-43476 WordPress Subscribe to Category Plugin <= 2.7.4 is vulnerable to Broken Access Control — Subscribe to Category 4.3 Medium2025-01-02
CVE-2023-47778 WordPress LuckyWP Scripts Control plugin <= 1.2.1 - Broken Access Control vulnerability — LuckyWP Scripts Control 4.3 Medium2025-01-02
CVE-2023-47807 WordPress 10WebAnalytics plugin <= 1.2.12 - Broken Access Control vulnerability — 10WebAnalytics 4.3 Medium2025-01-02
CVE-2023-48739 WordPress Porto Theme Functionality plugin < 2.12.1 - Broken Access Control vulnerability — Porto Theme - Functionality 5.3 Medium2025-01-02
CVE-2023-48758 WordPress JetEngine plugin <= 3.2.4 - Broken Access Control vulnerability — JetEngine 7.1 High2025-01-02
CVE-2024-56266 WordPress MP3 Audio Player plugin <= 5.8 - Broken Access Control vulnerability — MP3 Audio Player for Music, Radio & Podcast by Sonaar 6.3 Medium2025-01-02
CVE-2024-56255 WordPress AyeCode Connect plugin <= 1.3.8 - Broken Access Control vulnerability — AyeCode Connect 4.3 Medium2025-01-02
CVE-2024-56253 WordPress Data Tables Generator by Supsystic plugin <= 1.10.36 - Broken Access Control vulnerability — Data Tables Generator by Supsystic 5.4 Medium2025-01-02

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5532 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.