Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-862 (授权机制缺失) — Vulnerability Class 5532

5532 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-49835 WordPress Post Duplicator plugin <= 2.31 - Broken Access Control vulnerability — Post Duplicator 4.3 Medium2024-12-09
CVE-2023-49858 WordPress Custom Login plugin <= 4.1.0 - Broken Access Control vulnerability — Custom Login 4.3 Medium2024-12-09
CVE-2023-49848 WordPress Sharkdropship dropshipping for Aliexpress, eBay, Amazon, etsy plugin <= 2.1.1 - Broken Access Control vulnerability — Sharkdropship dropshipping for Aliexpress, eBay, Amazon, etsy 6.5 Medium2024-12-09
CVE-2023-49849 WordPress Shortcoder plugin <= 6.3 - Broken Access Control vulnerability — Shortcoder 4.3 Medium2024-12-09
CVE-2023-49851 WordPress Square Thumbnails plugin <= 1.1.1 - Broken Access Control + CSRF vulnerability — Square Thumbnails 5.3 Medium2024-12-09
CVE-2023-49850 WordPress WP Simple HTML Sitemap plugin <= 2.7 - Broken Access Control vulnerability — WP Simple HTML Sitemap 5.3 Medium2024-12-09
CVE-2023-49856 WordPress Smart Forms plugin <= 2.6.84 - Authenticated Arbitrary Options Change Vulnerability — Smart Forms 8.1 High2024-12-09
CVE-2023-49857 WordPress Awesome Support plugin <= 6.1.7 - Broken Access Control vulnerability — Awesome Support 6.5 Medium2024-12-09
CVE-2023-50373 WordPress Alt Manager plugin <= 1.6.1 - Broken Access Control vulnerability — Alt Manager 5.3 Medium2024-12-09
CVE-2023-50375 WordPress Translate WordPress – Google Language Translator plugin <= 6.0.19 - Broken Access Control vulnerability — Google Language Translator 5.3 Medium2024-12-09
CVE-2023-50877 WordPress Product Filter by WBW plugin <= 2.5.0 - Broken Access Control vulnerability — Product Filter by WBW 4.3 Medium2024-12-09
CVE-2023-50876 WordPress Molongui plugin <= 4.7.3 - Broken Access Control vulnerability — Molongui 4.3 Medium2024-12-09
CVE-2023-50882 WordPress ProfilePress plugin <= 4.13.2 - Broken Access Control vulnerability — ProfilePress 5.3 Medium2024-12-09
CVE-2023-50884 WordPress LA-Studio Element Kit for Elementor plugin <= 1.1.5 - Broken Access Control vulnerability — LA-Studio Element Kit for Elementor 6.5 Medium2024-12-09
CVE-2023-50887 WordPress User Feedback plugin <= 1.0.10 - Broken Access Control vulnerability — User Feedback 5.3 Medium2024-12-09
CVE-2023-50899 WordPress Product Catalog Enquiry for WooCommerce by MultiVendorX plugin <= 5.0.2 - Broken Access Control vulnerability — Product Catalog Enquiry for WooCommerce by MultiVendorX 5.4 Medium2024-12-09
CVE-2023-50903 WordPress Metform Elementor Contact Form Builder plugin <= 3.4.0 - Broken Access Control vulnerability — Metform 5.3 Medium2024-12-09
CVE-2023-50904 WordPress Poll Maker plugin <= 4.8.0 - Broken Access Control vulnerability — Poll Maker 5.3 Medium2024-12-09
CVE-2023-51353 WordPress Popup by Supsystic plugin <= 1.10.19 - Broken Access Control vulnerability — Popup by Supsystic 5.3 Medium2024-12-09
CVE-2023-51355 WordPress MultiVendorX plugin <= 4.0.23 - Broken Access Control vulnerability — MultiVendorX 8.2 High2024-12-09
CVE-2023-51357 WordPress Track Google Analytics 4, Facebook Pixel & Conversions API via Google Tag Manager for WooCommerce plugin <= 6.5.0 - Broken Access Control vulnerability — Conversios.io 5.3 Medium2024-12-09
CVE-2023-51360 WordPress Essential Blocks plugin <= 4.2.0 - Multiple Subscriber+ Broken Access Control vulnerability — Essential Blocks for Gutenberg 6.5 Medium2024-12-09
CVE-2023-51359 WordPress Essential Blocks plugin <= 4.2.0 - Multiple Contributor+ Broken Access Control vulnerability — Essential Blocks for Gutenberg 5.4 Medium2024-12-09
CVE-2023-51362 WordPress myStickyElements plugin <= 2.1.3 - Broken Access Control vulnerability — My Sticky Elements 5.3 Medium2024-12-09
CVE-2023-49845 WordPress Redirects plugin <= 1.2.1 - Broken Access Control vulnerability — Redirects 5.3 Medium2024-12-09
CVE-2024-12253 Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal <= 3.1.2 - Missing Authorization to Authenticated (Subscriber+) Settings Update / Data Access — Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal 5.4 Medium2024-12-07
CVE-2024-7894 If Menu <= 0.19.1 - Missing Authorization to License Key Update — If Menu – Visibility control for Menus 5.3 Medium2024-12-07
CVE-2024-11353 SMS for Lead Capture Forms <= 1.1.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Message Deletion — SMS for Lead Capture Forms 4.3 Medium2024-12-07
CVE-2024-12026 Message Filter for Contact Form 7 <= 1.6.3 - Missing Authorization to Authenticated (Subscriber+) New Filter Creation — Message Filter for Contact Form 7 4.3 Medium2024-12-07
CVE-2024-53826 WordPress WPCasa plugin <= 1.2.13 - Insecure Direct Object References (IDOR) vulnerability — WPCasa 5.3 Medium2024-12-06

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5532 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.