Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-862 (授权机制缺失) — Vulnerability Class 5532

5532 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-49596 Dell Wyse Management Suite 安全漏洞 — Wyse Management Suite 5.9 Medium2024-11-26
CVE-2024-8272 macOS Universal Audio (UAConnect) <= 2.7.0 - Local Privilege Escalation — UAConnect 7.8 High2024-11-25
CVE-2024-10606 WP Travel Engine <= 6.2.1 - Missing Authorization to Authenticated (Contributor+) Plugin Settings Update — WP Travel Engine – Tour Booking Plugin – Tour Operator Software 4.3 Medium2024-11-23
CVE-2024-10813 Product Table for WooCommerce by CodeAstrology (wooproducttable.com) <= 3.5.1 - Information Exposure — Product Table for WooCommerce 5.3 Medium2024-11-23
CVE-2024-10537 WP User Manager – User Profile Builder & Membership <= 2.9.11 - Missing Authorization to Authenticated (Subscriber+) User Meta Key Enumeration — WP User Manager – User Profile Builder & Membership 4.3 Medium2024-11-23
CVE-2024-9223 WPDash Notes <= 1.3.5 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure — WPDash Notes 4.3 Medium2024-11-23
CVE-2024-10216 WP User Manager – User Profile Builder & Membership <= 2.9.11 - Missing Authorization to Carbon Fields Custom Sidebar Addition/Removal — WP User Manager – User Profile Builder & Membership 4.3 Medium2024-11-23
CVE-2024-0122 NVIDIA Delegated Licensing Service 安全漏洞 — DLS component of NVIDIA License System 7.6 High2024-11-22
CVE-2024-0138 NVIDIA Base Command Manager 安全漏洞 — Base Command Manager 9.8 Critical2024-11-22
CVE-2024-11601 Sky Addons for Elementor (Free Templates Library, Live Copy, Animations, Post Grid, Post Carousel, Particles, Sliders, Chart, Blogs) <= 2.6.1 - Cross-Site Request Forgery to Limited Arbitrary Options Update — Sky Addons – Elementor Addons with Widgets & Templates 8.1 High2024-11-22
CVE-2024-11355 Ultimate YouTube Video & Shorts Player With Vimeo <= 3.3 - Missing Authorization to Authenticated (Subscriber+) Setting Exposure — Ultimate YouTube Video & Shorts Player With Vimeo 4.3 Medium2024-11-22
CVE-2024-11104 Sky Addons for Elementor (Free Templates Library, Live Copy, Animations, Post Grid, Post Carousel, Particles, Sliders, Chart, Blogs) <= 2.6.2 - Missing Authorization to Authenticated (Subscriber+) Limited Arbitrary Options Update — Sky Addons – Elementor Addons with Widgets & Templates 8.1 High2024-11-22
CVE-2024-11334 My Contador lesr <= 2.0 - Missing Authorization to Unauthenticated User Registration CSV Export — My Contador lesr 4.3 Medium2024-11-21
CVE-2024-10528 Ultimate Member <= 2.8.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User Profile Picture Update — Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin 4.3 Medium2024-11-21
CVE-2024-11354 Ultimate YouTube Video & Shorts Player With Vimeo <= 3.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Playlist/Video Deletion — Ultimate YouTube Video & Shorts Player With Vimeo 4.3 Medium2024-11-21
CVE-2024-10532 Bard Extra <= 1.2.7 - Missing Authorization to Authenticated (Subscriber+) Demo Import — Bard Extra 4.3 Medium2024-11-21
CVE-2024-11154 PublishPress Revisions: Duplicate Posts, Submit, Approve and Schedule Content Changes <= 3.5.15 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure — PublishPress Revisions: Duplicate Posts, Submit, Approve and Schedule Content Changes 4.3 Medium2024-11-20
CVE-2024-10520 WP Project Manager <= 2.6.14 - Missing Authorization to Project Milestone and Task Creation/Deletion — Project Manager – AI Powered Project Management, Task Management, Kanban Board & Time Tracker 5.3 Medium2024-11-20
CVE-2024-10665 Yaad Sarig Payment Gateway For WC <= 2.2.4 - Missing Authorization to Authenticated (Subscriber+) Log Read/Deletion — Yaad Sarig Payment Gateway For WC 5.4 Medium2024-11-20
CVE-2024-10900 ProfileGrid – User Profiles, Groups and Communities <= 5.9.3.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User Meta Deletion — ProfileGrid – User Profiles, Groups and Communities 6.5 Medium2024-11-20
CVE-2024-49680 WordPress WP VR plugin <= 8.5.5 - Broken Access Control vulnerability — WP VR 4.3 Medium2024-11-19
CVE-2024-49689 WordPress HD Quiz – Save Results Light plugin <= 0.5 - Broken Access Control vulnerability — HD Quiz – Save Results Light 5.4 Medium2024-11-19
CVE-2024-49697 WordPress Sunshine Photo Cart plugin <= 3.2.9 - Broken Access Control vulnerability — Sunshine Photo Cart 4.3 Medium2024-11-19
CVE-2024-50417 WordPress Bold Page Builder plugin <= 5.1.3 - Broken Access Control vulnerability — Bold Page Builder 4.3 Medium2024-11-19
CVE-2024-51671 WordPress Otter Blocks plugin <= 3.0.3 - Broken Access Control vulnerability — Otter - Gutenberg Block 2.7 Low2024-11-19
CVE-2024-51660 WordPress Easy Accordion Gutenberg Block plugin <= 1.2.3 - Broken Access Control vulnerability — Easy Accordion Gutenberg Block 4.3 Medium2024-11-19
CVE-2024-51817 WordPress Combo WP Rewrite Slugs plugin <= 1.0 - Settings Change vulnerability — Combo WP Rewrite Slugs 5.4 Medium2024-11-19
CVE-2024-52395 WordPress Floating Buttons for WooCommerce plugin <= 2.8.8 - Broken Access Control vulnerability — Floating Buttons for WooCommerce 5.3 Medium2024-11-19
CVE-2024-11194 Classified Listing – Classified ads & Business Directory Plugin <= 3.1.15.1 - Authenticated (Subscriber+) Limited Arbitrary Option Update — Classified Listing – AI-Powered Classified ads & Business Directory Plugin 8.8 High2024-11-19
CVE-2024-11069 WordPress GDPR <= 2.0.2 - Missing Authorization to Unauthenticated Arbitrary User Deletion — WordPress GDPR 6.5 Medium2024-11-19

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5532 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.