CWE-862 (授权机制缺失) — Vulnerability Class 5532

5532 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2023-45101	WordPress Customer Reviews for WooCommerce plugin <= 5.36.0 - Broken Access Control vulnerability — Customer Reviews for WooCommerce	4.3	Medium	2025-01-02
CVE-2023-45045	WordPress WP Custom Widget area plugin <= 1.2.5 - Broken Access Control vulnerability — WP Custom Widget area	5.4	Medium	2025-01-02
CVE-2023-44988	WordPress WP Custom Admin Interface plugin <= 7.32 - Broken Access Control vulnerability — WP Custom Admin Interface	4.3	Medium	2025-01-02
CVE-2023-45002	WordPress WP User Frontend plugin <= 3.6.8 - Broken Access Control vulnerability — WP User Frontend	4.3	Medium	2025-01-02
CVE-2023-44258	WordPress Schema App Structured Data plugin <= 1.23.1 - Broken Access Control + CSRF vulnerability — Schema App Structured Data	5.3	Medium	2025-01-02
CVE-2024-49686	WordPress Landing Page Cat plugin <= 1.7.4 - Broken Access Control vulnerability — Landing Page Cat	5.4	Medium	2024-12-31
CVE-2024-49687	WordPress Smart Manager plugin <= 8.45.0 - Broken Access Control vulnerability — Smart Manager	4.3	Medium	2024-12-31
CVE-2024-49694	WordPress My Wp Brand – Hide menu & Hide Plugin plugin <= 1.1.2 - Broken Access Control vulnerability — My Wp Brand	5.3	Medium	2024-12-31
CVE-2024-49698	WordPress Great Restaurant Menu WP plugin <= 1.4.2 - Broken Access Control vulnerability — Best Restaurant Menu by PriceListo	4.3	Medium	2024-12-31
CVE-2024-51667	WordPress paytium plugin <= 4.4.10 - Broken Access Control vulnerability — Paytium	4.3	Medium	2024-12-31
CVE-2024-55995	WordPress Torod plugin <= 1.7 - Settings Change vulnerability — Torod	6.5	Medium	2024-12-31
CVE-2024-56002	WordPress Contact Form, Survey & Form Builder – MightyForms plugin <= 1.3.9 - Broken Access Control vulnerability — Contact Form, Survey & Form Builder – MightyForms	6.4	Medium	2024-12-31
CVE-2024-56070	WordPress WP SuperBackup plugin <= 2.3.3 - Multiple Subscriber+ Broken Access Control vulnerabilities — WP SuperBackup	7.4	High	2024-12-31
CVE-2024-56066	WordPress Agency Toolkit plugin <= 1.0.23 - Privilege Escalation vulnerability — Agency Toolkit	9.8	Critical	2024-12-31
CVE-2024-56061	WordPress RepairBuddy plugin <= 3.8119 - Account Takeover vulnerability — RepairBuddy	8.8	High	2024-12-31
CVE-2024-55991	WordPress CRM Plugin – WP-CRM System plugin <= 3.2.9.1 - Broken Access Control vulnerability — WP-CRM System	6.5	Medium	2024-12-31
CVE-2024-56031	WordPress Smart Shopify Product plugin <= 1.0.2 - Arbitrary Content Deletion vulnerability — Smart Shopify Product	6.5	Medium	2024-12-31
CVE-2024-56067	WordPress WP SuperBackup plugin <= 2.3.3 - Unauthenticated Backup File Download Vulnerability — WP SuperBackup	7.5	High	2024-12-31
CVE-2023-48775	WordPress WP CleanFix plugin <= 5.6.2 - Broken Access Control vulnerability — WP Cleanfix	5.3	Medium	2024-12-31
CVE-2023-50850	WordPress Woo Subscriptions plugin < 5.8.0 - Broken Access Control vulnerability — WooCommerce Subscriptions	4.3	Medium	2024-12-31
CVE-2024-56234	WordPress VW Automobile Lite theme <= 2.1 - Broken Access Control vulnerability — VW Automobile Lite	5.4	Medium	2024-12-31
CVE-2024-56227	WordPress Royal Elementor Addons plugin <= 1.7.1001 - Broken Access Control vulnerability — Royal Elementor Addons	4.3	Medium	2024-12-31
CVE-2024-56225	WordPress Premium Addons for Elementor plugin <= 4.10.56 - Broken Access Control vulnerability — Premium Addons for Elementor	5.4	Medium	2024-12-31
CVE-2024-56219	WordPress Widget Options plugin <= 4.0.6.1 - Broken Access Control vulnerability — Widget Options	4.3	Medium	2024-12-31
CVE-2024-56217	WordPress Download Manager plugin <= 3.3.03 - Broken Access Control vulnerability — Download Manager	4.3	Medium	2024-12-31
CVE-2024-56215	WordPress Member Directory and Contact Form plugin <= 1.7.0 - Broken Access Control vulnerability — Member Directory and Contact Form	4.3	Medium	2024-12-31
CVE-2024-56211	WordPress UserPro plugin <= 5.1.9 - Authenticated Arbitrary User Meta Update vulnerability — Userpro	8.8	High	2024-12-31
CVE-2024-11281	WooCommerce Point of Sale <= 6.1.0 - Insecure Direct Object Reference to Privilege Escalation via Arbitrary User Email Change — WooCommerce Point of Sale	9.8	Critical	2024-12-25
CVE-2024-12413	MarketKing — Ultimate WooCommerce Multivendor Marketplace Solution <= 2.0.00 - Missing Authorization — MarketKing — Ultimate WooCommerce Multivendor Marketplace Solution	5.3	Medium	2024-12-25
CVE-2024-12190	Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder <= 2.17.3 - Missing Authorization to Authenticated (Subscriber+) Form Submission Disclosure — Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder	4.3	Medium	2024-12-25

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5532 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-862 (授权机制缺失) — Vulnerability Class 5532