Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-862 (授权机制缺失) — Vulnerability Class 5531

5531 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-47771 WordPress Essential Grid plugin <= 3.0.18 - Multiple Authenticated Broken Access Control vulnerability — Essential Grid 8.3 High2024-06-19
CVE-2023-47783 WordPress Thrive Theme Builder theme < 3.24.0 - Multiple Authenticated Broken Access Control vulnerability — Thrive Theme Builder 8.3 High2024-06-19
CVE-2023-47788 WordPress Jetpack plugin < 12.7 - Contributor+ Broken Access Control vulnerability — Jetpack 4.3 Medium2024-06-19
CVE-2023-48759 WordPress JetElements For Elementor plugin <= 2.6.13 - Unauthenticated Arbitrary Attachment Download vulnerability — JetElements For Elementor 7.5 High2024-06-19
CVE-2023-48760 WordPress JetElements For Elementor plugin <= 2.6.13 - Unauthenticated Broken Access Control vulnerability — JetElements For Elementor 8.2 High2024-06-19
CVE-2023-48761 WordPress JetElements For Elementor plugin <= 2.6.13 - Broken Access Control vulnerability — JetElements For Elementor 6.3 Medium2024-06-19
CVE-2024-5768 MIMO Woocommerce Order Tracking <= 1.0.2 - Missing Authorization to Authenticated (Contributor+) Stored Cross-Site Scripting — MIMO Woocommerce Order Tracking 6.4 Medium2024-06-19
CVE-2024-4450 AliExpress Dropshipping with AliNext Lite <= 3.3.6 - Missing Authorization via Several Functions — AliExpress Dropshipping Plugin for WooCommerce & WordPress 6.3 Medium2024-06-19
CVE-2024-38504 JetBrains YouTrack 安全漏洞 — YouTrack 4.3 Medium2024-06-18
CVE-2024-38506 JetBrains YouTrack 安全漏洞 — YouTrack 6.3 Medium2024-06-18
CVE-2024-5899 Improper trust check in Bazel Build intellij plugin — intellij plugin 7.5AIHighAI2024-06-18
CVE-2024-5860 Tickera <= 3.5.2.8 - Missing Authorization to Authenticated (Susbcriber+) Ticket Deletion — Tickera – Sell Tickets & Manage Events 4.3 Medium2024-06-18
CVE-2024-1634 Scheduling Plugin – Online Booking for WordPress <= 3.5.10 - Missing Authorization to Unauthenticated Service Disconnection — Scheduling Plugin – Online Booking for WordPress 6.5 Medium2024-06-18
CVE-2024-5541 Ibtana - WordPress Website Builder <= 1.2.3.3 - Unauthenticated reCAPTCHA Settings Update — Ibtana – WordPress Website Builder 5.3 Medium2024-06-18
CVE-2024-5858 Infographic Maker iList <= 4.7.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Title Update — AI Infographic Maker 4.3 Medium2024-06-15
CVE-2023-6696 Popup Builder – Create highly converting, mobile friendly marketing popups <= 4.3.1 - Missing Authorization and Nonce Exposure — Popup Builder – Create highly converting, mobile friendly marketing popups. 8.1 High2024-06-15
CVE-2024-2544 Popup Builder <= 4.3.0 - Missing Authorization in Multiple AJAX Actions — Popup Builder – Create highly converting, mobile friendly marketing popups. 7.4 High2024-06-15
CVE-2023-51376 WordPress ProjectHuddle Client Site plugin <= 1.0.34 - Broken Access Control vulnerability — ProjectHuddle Client Site 4.3 Medium2024-06-14
CVE-2024-5685 Broken Function Level Authorization (BFLA) in snipe/snipe-it — snipe-it 7.6 High2024-06-14
CVE-2023-51377 WordPress Everest Forms plugin <= 2.0.3 - Broken Access Control vulnerability — Everest Forms 5.3 Medium2024-06-14
CVE-2023-51495 WordPress WooCommerce Warranty Requests plugin <= 2.2.7 - Broken Access Control vulnerability — WooCommerce Warranty Requests 6.5 Medium2024-06-14
CVE-2023-51496 WordPress WooCommerce Warranty Requests plugin <= 2.2.7 - Broken Access Control vulnerability — WooCommerce Warranty Requests 5.3 Medium2024-06-14
CVE-2024-23504 WordPress Ninja Tables plugin <= 5.0.5 - Broken Access Control vulnerability — Ninja Tables 5.3 Medium2024-06-14
CVE-2023-51497 WordPress WooCommerce Ship to Multiple Addresses plugin <= 3.8.9 - Broken Access Control vulnerability — WooCommerce Ship to Multiple Addresses 5.4 Medium2024-06-14
CVE-2024-1094 Timetics- AI-powered Appointment Booking with Visual Seat Plan and ultimate Calendar Scheduling Plugin <= 1.0.21 - Missing Authorization to Limited Privilege Escalation — Timetics – Appointment Booking & Scheduling 7.3 High2024-06-14
CVE-2023-51507 WordPress Quiz And Survey Master plugin <= 8.1.16 - Broken Access Control vulnerability — Quiz And Survey Master 5.3 Medium2024-06-14
CVE-2023-51516 WordPress Business Directory Plugin – Easy Listing Directories for WordPress plugin <= 6.3.9 - Broken Access Control vulnerability — Business Directory Plugin 5.4 Medium2024-06-14
CVE-2023-51523 WordPress WooCommerce Easy Duplicate Product plugin <= 0.3.0.7 - Broken Access Control vulnerability — WooCommerce Easy Duplicate Product 4.3 Medium2024-06-14
CVE-2023-29174 WordPress SKU Label Changer For WooCommerce plugin <= 3.0 - Broken Access Control vulnerability — SKU Label Changer For WooCommerce 6.5 Medium2024-06-13
CVE-2023-35040 WordPress SendPress Newsletters plugin <= 1.23.11.6 - Broken Access Control vulnerability — SendPress Newsletters 5.3 Medium2024-06-13

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5531 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.