CWE-862 (授权机制缺失) — Vulnerability Class 5532

5532 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2024-56007	WordPress Leader plugin <= 2.6.1 - Broken Access Control vulnerability — Leader	4.3	Medium	2024-12-16
CVE-2024-56001	WordPress Ksher plugin <= 1.1.1 - Broken Access Control vulnerability — Ksher	6.5	Medium	2024-12-16
CVE-2024-56009	WordPress Spreadr Woocommerce plugin <= 1.0.4 - Broken Access Control vulnerability — Spreadr Woocommerce	5.3	Medium	2024-12-16
CVE-2024-54402	WordPress Arabic Webfonts plugin <= 1.4.6 - Broken Access Control vulnerability — Arabic Webfonts	4.3	Medium	2024-12-16
CVE-2024-55998	WordPress Popup Surveys & Polls for WordPress (Mare.io) plugin <= 1.36 - Settings Change vulnerability — Popup Surveys & Polls for WordPress (Mare.io)	5.4	Medium	2024-12-16
CVE-2024-56004	WordPress Easy Site Importer plugin <= 1.0.1 - Settings Change vulnerability — Easy Site Importer	5.4	Medium	2024-12-16
CVE-2024-11715	WP Job Portal <= 2.2.2 - Missing Authorization to Limited Privilege Escalation — WP Job Portal – AI-Powered Recruitment System for Company or Job Board website	4.8	Medium	2024-12-14
CVE-2024-12553	GeoVision GV-ASManager Missing Authorization Information Disclosure Vulnerability — GV-ASManager	6.5	-	2024-12-13
CVE-2024-54326	WordPress GEO my WP plugin <= 4.5.0.4 - Broken Access Control vulnerability — GEO my WordPress	6.5	Medium	2024-12-13
CVE-2024-54323	WordPress New User Approve plugin <= 2.6.2 - Broken Access Control vulnerability — New User Approve	5.4	Medium	2024-12-13
CVE-2024-54311	WordPress Mark New Posts plugin <= 7.5.1 - Broken Access Control vulnerability — Mark New Posts	5.4	Medium	2024-12-13
CVE-2024-54310	WordPress Gou Manage My Account Menu plugin <= 1.0.1.8 - Broken Access Control vulnerability — Gou Manage My Account Menu	5.3	Medium	2024-12-13
CVE-2024-54298	WordPress Car Dealer plugin <= 4.46 - Broken Access Control vulnerability — Car Dealer	4.3	Medium	2024-12-13
CVE-2024-54289	WordPress Awesome Support plugin <= 6.3.1 - Broken Access Control vulnerability — Awesome Support	6.5	Medium	2024-12-13
CVE-2024-54278	WordPress News Ticker for Elementor plugin <= 2.1.3 - Broken Access Control vulnerability — News Ticker for Elementor	4.3	Medium	2024-12-13
CVE-2024-54271	WordPress WPCargo Track & Trace plugin <= 8.0.2 - Settings Change vulnerability — WPCargo Track & Trace	5.4	Medium	2024-12-13
CVE-2024-54268	WordPress SiteOrigin Widgets Bundle plugin <= 1.64.0 - Broken Access Control vulnerability — SiteOrigin Widgets Bundle	4.3	Medium	2024-12-13
CVE-2024-54267	WordPress CM Answers plugin <= 3.2.6 - Broken Access Control vulnerability — CM Answers	4.3	Medium	2024-12-13
CVE-2024-54256	WordPress Easy Blocks pro plugin <= 1.0.21 - Broken Access Control vulnerability — Easy Blocks pro	7.1	High	2024-12-13
CVE-2024-54252	WordPress Pinpoint Booking System Plugin <= 2.9.9.5.7 - Broken Access Control vulnerability — Pinpoint Booking System	6.3	Medium	2024-12-13
CVE-2024-54242	WordPress Simple Notification plugin <= 1.3 - Broken Access Control vulnerability — Simple Notification	6.5	Medium	2024-12-13
CVE-2024-54241	WordPress Elite Notification plugin 1.5 - Cross Site Scripting (XSS) vulnerability — Elite Notification – Sales Popup, Social Proof, FOMO & WooCommerce Notification	6.5	Medium	2024-12-13
CVE-2024-54239	WordPress Eyewear prescription form plugin <= 4.0.18 - Arbitrary Option Update to Privilege Escalation vulnerability — Eyewear prescription form	9.8	Critical	2024-12-13
CVE-2023-44147	WordPress Comment Blacklist Updater plugin <= 1.1.0 - Broken Access Control vulnerability — Comment Blacklist Updater	5.3	Medium	2024-12-13
CVE-2023-44149	WordPress Brands for WooCommerce plugin <= 3.8.2.2 - Broken Access Control vulnerability — Brands for WooCommerce	5.3	Medium	2024-12-13
CVE-2023-44142	WordPress Inactive Logout plugin <= 3.2.2 - Broken Access Control vulnerability — Inactive Logout	5.4	Medium	2024-12-13
CVE-2023-41951	WordPress rtMedia for WordPress, BuddyPress and bbPress plugin <= 4.6.14 - Broken Access Control vulnerability — rtMedia for WordPress, BuddyPress and bbPress	4.3	Medium	2024-12-13
CVE-2023-41952	WordPress Fluent Forms plugin <= 5.0.8 - Broken Access Control vulnerability — FluentForm	5.3	Medium	2024-12-13
CVE-2023-41875	WordPress WP Directory Kit plugin <= 1.2.6 - Broken Access Control vulnerability — WP Directory Kit	5.3	Medium	2024-12-13
CVE-2023-41873	WordPress SAML Single Sign On – SSO Login plugin <= 5.0.4 - Broken Access Control vulnerability — SAML SP Single Sign On	4.3	Medium	2024-12-13

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5532 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-862 (授权机制缺失) — Vulnerability Class 5532