Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-862 (授权机制缺失) — Vulnerability Class 5531

5531 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-1438 WordPress Rolo Slider plugin <= 1.0.9 - Broken Access Control vulnerability — Rolo Slider 7.7 High2024-05-08
CVE-2022-40218 WordPress TH Advance Product Search plugin <= 1.1.4 - Unauthenticated Plugin Settings Change vulnerability — Advance WordPress Search Plugin 6.5 Medium2024-05-08
CVE-2023-41651 WordPress Multi-column Tag Map plugin <= 17.0.26 - Broken Access Control vulnerability — Multi-column Tag Map 6.5 Medium2024-05-08
CVE-2021-35001 BMC Track-It! GetData Missing Authorization Information Disclosure Vulnerability — Track-It! 6.5 -2024-05-07
CVE-2023-31234 WordPress Tilda Publishing plugin <= 0.3.23 - Broken Access Control vulnerability — Tilda Publishing 6.3 Medium2024-05-07
CVE-2024-33570 WordPress MetForm plugin <= 3.8.3 - Broken Access Control vulnerability — Metform 4.3 Medium2024-05-06
CVE-2024-33576 WordPress WPPizza plugin <= 3.18.10 - Broken Access Control vulnerability — WPPizza 6.5 Medium2024-05-06
CVE-2024-33907 WordPress Print My Blog plugin <= 3.26.2 - Broken Access Control vulnerability — Print My Blog 5.3 Medium2024-05-06
CVE-2024-33908 WordPress WidgetKit plugin <= 2.5.0 - Broken Access Control vulnerability — WidgetKit 5.3 Medium2024-05-06
CVE-2024-33910 WordPress Digital Publications by Supsystic plugin <= 1.7.7 - Broken Access Control vulnerability — Digital Publications by Supsystic 5.3 Medium2024-05-06
CVE-2024-33912 WordPress Academy LMS plugin <= 1.9.16 - Broken Access Control on Paid Courses vulnerability — Academy LMS 7.1 High2024-05-06
CVE-2024-34371 WordPress Login with phone number plugin <= 1.7.18 - Broken Access Control vulnerability — Login with phone number 4.3 Medium2024-05-06
CVE-2024-34372 WordPress Post Grid Master plugin <= 3.4.7 - Broken Access Control vulnerability — Post Grid Master 5.3 Medium2024-05-06
CVE-2024-34377 WordPress Video Gallery – Api Gallery, YouTube and Vimeo, Link Gallery plugin <= 1.5.3 - Broken Access Control vulnerability — Video Gallery – Api Gallery, YouTube and Vimeo, Link Gallery 4.3 Medium2024-05-06
CVE-2024-34378 WordPress LeadConnector plugin <= 1.7 - API Broken Access Control vulnerability — LeadConnector 8.6 High2024-05-06
CVE-2024-34387 WordPress WP Post Author plugin <= 3.6.4 - Rating Value Manipulation vulnerability — WP Post Author 4.3 Medium2024-05-06
CVE-2024-34389 WordPress WP Post Author plugin <= 3.6.4 - Broken Access Control vulnerability — WP Post Author 4.3 Medium2024-05-06
CVE-2024-1050 Import and export users and customers <= 1.26.5 - Missing Authorization — Import and export users and customers 4.3 Medium2024-05-04
CVE-2024-3237 ConvertPlug <= 3.5.25 - Missing Authorization to Authenticated (Subscriber+) Limited Arbitrary Options Update — ConvertPlus 5.4 Medium2024-05-04
CVE-2024-33914 WordPress Exclusive Addons for Elementor plugin <= 2.6.9.1 - Broken Access Control on Post Duplication vulnerability — Exclusive Addons Elementor 4.3 Medium2024-05-03
CVE-2024-33915 WordPress Debug Log Manager plugin <= 2.3.1 - Broken Access Control vulnerability — Debug Log Manager 4.3 Medium2024-05-03
CVE-2024-33919 WordPress RomethemeKit For Elementor plugin <= 1.4.1 - Broken Access Control vulnerability — RomethemeKit For Elementor 6.5 Medium2024-05-03
CVE-2024-33920 WordPress Democracy Poll plugin <= 6.0.3 - Broken Access Control vulnerability — Democracy Poll 5.3 Medium2024-05-03
CVE-2024-33923 WordPress SP Project & Document Manager plugin <= 4.69 - Broken Access Control vulnerability — SP Project & Document Manager 6.3 Medium2024-05-03
CVE-2024-33925 WordPress Embed Google Fonts plugin <= 3.1.0 - Broken Access Control vulnerability — Embed Google Fonts 4.3 Medium2024-05-03
CVE-2024-33929 WordPress Directorist plugin <= 7.8.6 - Broken Access Control vulnerability — Directorist 5.3 Medium2024-05-03
CVE-2024-33931 WordPress JW Player for WordPress plugin <= 2.3.3 - Broken Access Control vulnerability — JW Player for WordPress 6.5 Medium2024-05-03
CVE-2024-33937 WordPress Progressive WordPress (PWA) plugin <= 2.1.13 - Broken Access Control vulnerability — Progressive WordPress (PWA) 4.3 Medium2024-05-03
CVE-2024-24710 WordPress Feed Them Social plugin <= 4.2.0 - Broken Access Control vulnerability — Feed Them Social 4.3 Medium2024-05-03
CVE-2024-32810 WordPress ShortPixel Critical CSS plugin <= 1.0.2 - Broken Access Control vulnerability — ShortPixel Critical CSS 7.6 High2024-05-03

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5531 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.