CWE-862 (授权机制缺失) — Vulnerability Class 5531

5531 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2024-33565	WordPress Barcode Scanner with Inventory & Order Manager plugin <= 1.5.3 - Unauthenticated Broken Access Control vulnerability — Barcode Scanner with Inventory & Order Manager	9.1	Critical	2024-06-09
CVE-2024-33572	WordPress Nexter Blocks plugin <= 3.2.5 - Broken Access Control vulnerability — Nexter Blocks	4.3	Medium	2024-06-09
CVE-2024-34435	WordPress Aiomatic plugin <= 1.9.3 - Broken Access Control vulnerability — Aiomatic	4.3	Medium	2024-06-09
CVE-2024-35660	WordPress Master Addons for Elementor plugin <= 2.0.5.4.1 - Broken Access Control on API vulnerability — Master Addons for Elementor	6.5	Medium	2024-06-09
CVE-2024-35669	WordPress Debug Log Manager plugin <= 2.3.1 - Broken Access Control vulnerability — Debug Log Manager	4.3	Medium	2024-06-09
CVE-2024-31274	WordPress EmbedPress plugin <= 3.9.11 - Broken Access Control vulnerability — EmbedPress	5.3	Medium	2024-06-09
CVE-2024-31273	WordPress JS Help Desk plugin <= 2.8.3 - Broken Access Control vulnerability — JS Help Desk – Best Help Desk & Support Plugin	5.3	Medium	2024-06-09
CVE-2024-31267	WordPress Flexible Checkout Fields for WooCommerce plugin <= 4.1.2 - Broken Access Control vulnerability — Flexible Checkout Fields for WooCommerce	4.3	Medium	2024-06-09
CVE-2024-31261	WordPress Announcer – Notification & message bars plugin <= 6.0 - Broken Access Control vulnerability — Announcer – Notification & message bars	4.3	Medium	2024-06-09
CVE-2024-31252	WordPress Responsive Lightbox & Gallery plugin <= 2.4.6 - Broken Access Control vulnerability — Responsive Lightbox	4.3	Medium	2024-06-09
CVE-2024-31248	WordPress All-in-One Video Gallery plugin <= 3.5.2 - Broken Access Control vulnerability — All-in-One Video Gallery	4.3	Medium	2024-06-09
CVE-2024-31244	WordPress Bricksforge plugin <= 2.0.17 - Unauthenticated Arbitrary WordPress Settings Change vulnerability — Bricksforge	9.8	Critical	2024-06-09
CVE-2024-31243	WordPress Bricksforge plugin <= 2.0.17 - Unauthenticated Arbitrary WordPress Setting Deletion vulnerability — Bricksforge	7.5	High	2024-06-09
CVE-2024-30544	WordPress Whizzy plugin <= 1.1.18 - Broken Access Control vulnerability — Whizzy	5.3	Medium	2024-06-09
CVE-2024-30529	WordPress Tainacan plugin <= 0.20.7 - Broken Access Control vulnerability — Tainacan	5.3	Medium	2024-06-09
CVE-2024-30517	WordPress Sliced Invoices plugin <= 3.9.2 - Broken Access Control vulnerability — Sliced Invoices	4.3	Medium	2024-06-09
CVE-2024-30515	WordPress Events Manager plugin <= 6.4.6.4 - Broken Access Control vulnerability — Events Manager	4.3	Medium	2024-06-09
CVE-2024-30512	WordPress weForms plugin <= 1.6.20 - Broken Access Control vulnerability — weForms	3.7	Low	2024-06-09
CVE-2024-30485	WordPress Finale Lite plugin <= 2.18.0 - Subscriber+ Arbitrary Plugin Installation/Activation vulnerability — Finale Lite	8.8	High	2024-06-09
CVE-2024-30470	WordPress YITH WooCommerce Account Funds Premium plugin <= 1.32.0 - Broken Access Control vulnerability — YITH WooCommerce Account Funds Premium	6.5	Medium	2024-06-09
CVE-2024-30467	WordPress Essential Blocks plugin <= 4.4.9 - Broken Access Control vulnerability — Essential Blocks for Gutenberg	6.5	Medium	2024-06-09
CVE-2024-30466	WordPress WooCommerce Multilingual & Multicurrency plugin <= 5.3.4 - Broken Access Control vulnerability — WooCommerce Multilingual & Multicurrency	5.4	Medium	2024-06-09
CVE-2024-30465	WordPress PageLayer plugin <= 1.8.1 - Broken Access Control vulnerability — PageLayer	6.5	Medium	2024-06-09
CVE-2024-30464	WordPress Social Icons Widget & Block by WPZOOM plugin <= 4.2.15 - Broken Access Control vulnerability — Social Icons Widget & Block by WPZOOM	5.4	Medium	2024-06-09
CVE-2024-25929	WordPress Product Catalog Mode For Woocommerce plugin <= 5.0.5 - Broken Access Control vulnerability — Product Catalog Enquiry for WooCommerce by MultiVendorX	6.5	Medium	2024-06-09
CVE-2024-25092	WordPress NextMove Lite plugin <= 2.17.0 - Subscriber+ Arbitrary Plugin Installation/Activation vulnerability — NextMove Lite	8.8	High	2024-06-09
CVE-2024-24716	WordPress Awesome Support plugin <= 6.1.6 - Broken Access Control vulnerability — Awesome Support	5.4	Medium	2024-06-09
CVE-2023-34003	WordPress WooCommerce Box Office plugin <= 1.1.51 - Unauthenticated Save Ticket Barcode vulnerability — WooCommerce Box Office	6.5	Medium	2024-06-09
CVE-2023-31080	WordPress Unlimited Elements For Elementor plugin <= 1.5.65 - Multiple Broken Access Control vulnerability — Unlimited Elements For Elementor (Free Widgets, Addons, Templates)	8.3	High	2024-06-09
CVE-2023-23640	WordPress MainWP UpdraftPlus Extension Plugin <= 4.0.6 - Subscriber+ Arbitrary Plugin Activation Vulnerability — MainWP UpdraftPlus Extension	5.4	Medium	2024-06-09

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5531 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-862 (授权机制缺失) — Vulnerability Class 5531