Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-862 (授权机制缺失) — Vulnerability Class 5531

5531 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-3600 Poll Maker – Best WordPress Poll Plugin <= 5.1.8 - Missing Authorization to Unauthenticated Stored Cross-Site Scripting — Poll Maker – Versus Polls, Anonymous Polls, Image Polls 7.2 High2024-04-19
CVE-2024-32466 Tolgee's API key scopes not checked when querying translation data — tolgee-platform 2.7 Low2024-04-18
CVE-2024-32689 WordPress WP Social Comments plugin <= 1.7.3 - Broken Access Control vulnerability — WP Social Comments 4.3 Medium2024-04-18
CVE-2024-32601 WordPress Popup Anything plugin <= 2.8 - Broken Access Control vulnerability — Popup Anything 5.3 Medium2024-04-18
CVE-2023-49742 WordPress Support Genix plugin <= 1.2.3 - Broken Access Control lead to Arbitrary File Upload vulnerability — Support Genix 9.9 Critical2024-04-18
CVE-2024-32142 WordPress Ovic Responsive WPBakery plugin <= 1.3.0 - Broken Access Control vulnerability — Ovic Responsive WPBakery 5.4 Medium2024-04-18
CVE-2023-51418 WordPress JVM rich text icons plugin <= 1.2.6 - Arbitrary File Deletion vulnerability — JVM rich text icons 7.7 High2024-04-17
CVE-2023-51500 WordPress Uncode Core plugin <= 2.8.8 - Arbitrary File Deletion vulnerability — Uncode Core 7.7 High2024-04-17
CVE-2022-41698 WordPress If Menu – Visibility control for Menus plugin <= 0.16.3 - Broken Access Control — If Menu 6.5 Medium2024-04-17
CVE-2024-1350 WordPress Honeypot for WP Comment plugin <= 2.2.3 - Arbitrary File Deletion vulnerability — Honeypot for WP Comment 5.3 Medium2024-04-17
CVE-2023-44227 WordPress Simple File List Plugin <= 6.1.9 is vulnerable to Arbitrary File Deletion — Simple File List 7.5 High2024-04-17
CVE-2024-32509 WordPress WP Cost Estimation & Payment Forms Builder plugin <= 10.1.76 - Broken Access Control vulnerability — WP Cost Estimation & Payment Forms Builder 6.5 Medium2024-04-17
CVE-2024-32515 WordPress Mega Addons For Elementor plugin <= 1.8 - Broken Access Control vulnerability — Mega Addons For Elementor 5.4 Medium2024-04-17
CVE-2024-32516 WordPress Multi Currency For WooCommerce plugin <= 1.5.5 - Broken Access Control vulnerability — Multi Currency For WooCommerce 4.3 Medium2024-04-17
CVE-2024-32517 WordPress Custom Thank You Page Customize For WooCommerce by Binary Carpenter plugin <= 1.4.12 - Broken Access Control vulnerability — Custom Thank You Page Customize For WooCommerce by Binary Carpenter 4.3 Medium2024-04-17
CVE-2024-32518 WordPress PeproDev Ultimate Invoice plugin <= 2.0.0 - Broken Access Control vulnerability — PeproDev Ultimate Invoice 5.3 Medium2024-04-17
CVE-2024-32519 WordPress GG Woo Feed for WooCommerce plugin <= 1.2.6 - Broken Access Control vulnerability — GG Woo Feed for WooCommerce 4.3 Medium2024-04-17
CVE-2024-32520 WordPress WPC Grouped Product for WooCommerce plugin <= 4.4.2 - Broken Access Control vulnerability — WPC Grouped Product for WooCommerce 4.3 Medium2024-04-17
CVE-2024-32522 WordPress Open Close WooCommerce Store plugin <= 4.9.1 - Broken Access Control vulnerability — Open Close WooCommerce Store 4.3 Medium2024-04-17
CVE-2024-32524 WordPress Custom Order Statuses for WooCommerce plugin <= 1.5.2 - Broken Access Control vulnerability — Custom Order Statuses for WooCommerce 4.3 Medium2024-04-17
CVE-2024-32525 WordPress Theme My Login plugin <= 7.1.6 - Broken Access Control vulnerability — Theme My Login 4.3 Medium2024-04-17
CVE-2024-32532 WordPress Speed Optimizer plugin <= 7.4.6 - Broken Access Control vulnerability — Speed Optimizer 5.3 Medium2024-04-17
CVE-2024-32455 WordPress Fatal Error Notify plugin <= 1.5.2 - Broken Access Control vulnerability — Fatal Error Notify 4.3 Medium2024-04-16
CVE-2024-25911 WordPress MoveTo plugin <= 6.2 - Unauthenticated Arbitrary File Deletion vulnerability — MoveTo 8.6 High2024-04-16
CVE-2023-45000 WordPress LiteSpeed Cache plugin <= 5.7 - Unauthenticated Broken Access Control on API vulnerability — LiteSpeed Cache 8.2 High2024-04-16
CVE-2024-3243 Customer Reviews for WooCommerce <= 5.46.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Email Sending — Customer Reviews for WooCommerce 4.3 Medium2024-04-16
CVE-2024-3869 Customer Reviews for WooCommerce <= 5.46.0 - Missing Authorization to Authenticated (Subscriber+) Coupon Search — Customer Reviews for WooCommerce 4.3 Medium2024-04-16
CVE-2024-31421 WordPress Popup by Supsystic plugin <= 1.10.27 - Broken Access Control vulnerability — Popup by Supsystic 4.3 Medium2024-04-15
CVE-2024-31432 WordPress Restrict Content plugin <= 3.2.8 - Broken Access Control vulnerability — Restrict Content 5.3 Medium2024-04-15
CVE-2024-3662 WPZOOM Social Feed Widget & Block <= 2.1.13 - Missing Authorization to Authenticated (Subscriber+) Instagram Image Deletion — WPZOOM Social Feed Widget & Block 4.3 Medium2024-04-13

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5531 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.