Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-862 (授权机制缺失) — Vulnerability Class 5532

5532 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-53795 WordPress Church Admin plugin <= 5.0.8 - Broken Access Control vulnerability — Church Admin 5.3 Medium2024-12-06
CVE-2024-53799 WordPress FloristPress plugin <= 7.3.0 - Broken Access Control vulnerability — FloristPress 4.3 Medium2024-12-06
CVE-2024-53803 WordPress WP Mailster plugin <= 1.8.16.0 - Broken Access Control vulnerability — WP Mailster 6.5 Medium2024-12-06
CVE-2024-53810 WordPress Simple User Registration plugin <= 5.5 - Broken Access Control on User Deletion vulnerability — Simple User Registration 9.1 Critical2024-12-06
CVE-2024-53813 WordPress WP Travel plugin <= 9.6.0 - Broken Access Control vulnerability — WP Travel 6.5 Medium2024-12-06
CVE-2024-53825 WordPress FileBird Lite plugin <= 6.3.2 - Broken Access Control vulnerability — Filebird 4.7 Medium2024-12-06
CVE-2024-53806 WordPress Maspik plugin <= 2.2.7 - CSRF to Settings Change vulnerability — Maspik – Spam blacklist 5.4 Medium2024-12-06
CVE-2024-53805 WordPress WP Mailster plugin <= 1.8.16.0 - Broken Access Control vulnerability — WP Mailster 7.5 High2024-12-06
CVE-2024-12155 SV100 Companion <= 2.0.02 - Missing Authorization to Unuathenticated Arbitrary Options Update — SV100 Companion 9.8 Critical2024-12-06
CVE-2024-12028 Friends <= 3.2.1 - Missing Authorization — Friends 5.3 Medium2024-12-06
CVE-2024-9706 Ultimate Coming Soon & Maintenance <= 1.0.9 - Missing Authorization to Unauthenticated Template Activation — Ultimate Coming Soon & Maintenance 5.3 Medium2024-12-06
CVE-2024-12110 Gold Addons for Elementor <= 1.3.2 - Missing Authorization to Authenticated (Subscriber+) License Activation/Deactivation — Gold Addons for Elementor 4.3 Medium2024-12-06
CVE-2024-12027 Message Filter for Contact Form 7 <= 1.6.3 - Missing Authorization to Authenticated (Subscriber+) Filter Updates/Deletions — Message Filter for Contact Form 7 4.3 Medium2024-12-06
CVE-2024-11323 AI Quiz | Quiz Maker <= 1.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update — AI Quiz | Quiz Maker 8.8 High2024-12-06
CVE-2024-9705 Ultimate Coming Soon & Maintenance <= 1.0.9 - Missing Authorization to Authenticated (Subscriber+) Template Name Update — Ultimate Coming Soon & Maintenance 4.3 Medium2024-12-06
CVE-2024-11643 Accessibility by AllAccessible <= 1.3.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Option Update — Accessibility by AllAccessible 8.8 High2024-12-04
CVE-2024-54155 JetBrains YouTrack 安全漏洞 — YouTrack 3.7 Low2024-12-04
CVE-2024-54153 JetBrains YouTrack 安全漏洞 — YouTrack 3.1 Low2024-12-04
CVE-2024-10567 TI WooCommerce Wishlist <= 2.9.1 - Missing Authorization to Unauthenticated Plugin Setup Wizard Access — TI WooCommerce Wishlist 7.5 High2024-12-04
CVE-2024-10664 Knowledge Base documentation & wiki plugin – BasePress Docs <= 2.16.3.3 - Missing Authorization to Authenticated (Subscriber+) Database Update — Knowledge Base documentation & wiki plugin – BasePress Docs 4.3 Medium2024-12-04
CVE-2024-10663 Eleblog – Elementor Blog And Magazine Addons <= 1.8 - Missing Authorization to Authenticated (Subscriber+) Deactivation Submission — Eleblog – Elementor Blog And Magazine Addons 4.3 Medium2024-12-04
CVE-2024-11844 IdeaPush <= 8.71 - Missing Authorization to Board Term Deletion — IdeaPush 4.3 Medium2024-12-03
CVE-2024-49581 Access control issue impacting RV backed objects — com.palantir.gotham:external-artifacts 6.5 Medium2024-12-02
CVE-2024-53708 WordPress AI Quiz plugin <= 1.1 - Broken Access Control vulnerability — AI Quiz 5.3 Medium2024-12-02
CVE-2024-53784 WordPress Smart Marketing SMS and Newsletters Forms plugin <= 5.0.4 - Broken Access Control vulnerability — Smart Marketing SMS and Newsletters Forms 4.3 Medium2024-12-02
CVE-2024-11918 Image Alt Text <= 2.0.0 - Missing Authorization to Authenticated (Subscriber+) Image Alt Text Update — Image Alt Text 4.3 Medium2024-11-28
CVE-2024-10580 Hustle – Email Marketing, Lead Generation, Optins, Popups <= 7.8.5 - Missing Authorization to Unauthorized Form Submission — Hustle – Email Marketing, Lead Generation, Optins, Popups 5.3 Medium2024-11-27
CVE-2024-8114 Missing Authorization in GitLab — GitLab 8.2 High2024-11-26
CVE-2024-10579 Hustle – Email Marketing, Lead Generation, Optins, Popups <= 7.8.5 - Missing Authorization to Unpublished Form Exposure — Hustle – Email Marketing, Lead Generation, Optins, Popups 4.3 Medium2024-11-26
CVE-2024-10542 Spam protection, Anti-Spam, FireWall by CleanTalk <= 6.43.2 - Authorization Bypass via Reverse DNS Spoofing to Unauthenticated Arbitrary Plugin Installation — Spam protection, Honeypot, Anti-Spam by CleanTalk 9.8 Critical2024-11-26

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5532 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.