CWE-862 (授权机制缺失) — Vulnerability Class 5531

5531 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2024-29228	Synology Surveillance Station 安全漏洞 — Surveillance Station	7.7	High	2024-03-28
CVE-2024-28003	WordPress Max Mega Menu plugin <= 3.3 - Broken Access Control vulnerability — Max Mega Menu	5.4	Medium	2024-03-28
CVE-2024-28004	WordPress Colibri Page Builder plugin <= 1.0.248 - Broken Access Control vulnerability — Colibri Page Builder	5.4	Medium	2024-03-28
CVE-2024-2962	Networker - Tech News WordPress Theme with Dark Mode <= 1.1.9 - Missing Authorization — Networker - Tech News WordPress Theme with Dark Mode	5.3	Medium	2024-03-27
CVE-2023-52214	WordPress Void Contact Form 7 Widget For Elementor Page Builder plugin <= 2.3 - Broken Access Control vulnerability — Void Contact Form 7 Widget For Elementor Page Builder	4.3	Medium	2024-03-26
CVE-2024-22156	WordPress SalesKing plugin <= 1.6.15 - Unauthenticated Plugin Settings Change vulnerability — SalesKing	6.5	Medium	2024-03-26
CVE-2024-2906	WordPress Radio Player plugin <= 2.0.73 - Unauthenticated Broken Access Control vulnerability — Radio Player	6.5	Medium	2024-03-26
CVE-2024-30235	WordPress Multiple Page Generator Plugin – MPG plugin <= 3.4.0 - Broken Access Control vulnerability — Multiple Page Generator Plugin – MPG	4.3	Medium	2024-03-26
CVE-2024-30234	WordPress WholesaleX plugin <= 1.3.1 - Broken Access Control vulnerability — WholesaleX	6.5	Medium	2024-03-26
CVE-2024-23520	WordPress PopupAlly plugin <= 2.1.0 - Broken Access Control vulnerability — PopupAlly	4.3	Medium	2024-03-26
CVE-2024-24711	WordPress WooCommerce Conversion Tracking plugin <= 2.0.11 - Broken Access Control vulnerability — WooCommerce Conversion Tracking	4.3	Medium	2024-03-26
CVE-2024-24718	WordPress PropertyHive plugin <= 2.0.6 - Missing Authorization to Non-Arbitrary Plugin Installation vulnerability — PropertyHive	4.3	Medium	2024-03-26
CVE-2024-24719	WordPress Kikote plugin <= 1.8.9 - Broken Access Control vulnerability — Location Picker at Checkout for WooCommerce	4.3	Medium	2024-03-26
CVE-2024-24799	WordPress WooCommerce Box Office plugin <= 1.2.2 - Broken Access Control vulnerability — WooCommerce Box Office	6.5	Medium	2024-03-26
CVE-2024-24805	WordPress WP Dummy Content Generator plugin <= 3.1.2 - Broken Access Control vulnerability — WP Dummy Content Generator	4.3	Medium	2024-03-26
CVE-2023-25039	WordPress Google Maps CP plugin <= 1.0.43 - Missing Authorization Leading To Feedback Submission Vulnerability — Google Maps CP	4.3	Medium	2024-03-25
CVE-2022-38057	WordPress TH Advance Product Search plugin <= 1.2.1 - Unauthenticated Plugin Settings Reset vulnerability — Advance WordPress Search Plugin	6.5	Medium	2024-03-25
CVE-2023-22699	WordPress MainWP Wordfence Extension Plugin <= 4.0.7 - Subscriber+ Arbitrary Plugin Activation Vulnerability — MainWP Wordfence Extension	5.4	Medium	2024-03-25
CVE-2022-45851	WordPress ShareThis Dashboard for Google Analytics plugin <= 3.1.4 - Broken Access Control vulnerability — ShareThis Dashboard for Google Analytics	5.4	Medium	2024-03-25
CVE-2022-45356	WordPress Betheme premium theme <= 26.6.1 - Broken Access Control vulnerability — Betheme	5.4	Medium	2024-03-25
CVE-2022-45352	WordPress Betheme premium theme <= 26.6.1 - Broken Access Control vulnerability — Betheme	5.4	Medium	2024-03-25
CVE-2022-45351	WordPress Betheme premium theme <= 26.6.1 - Broken Access Control vulnerability — Betheme	5.4	Medium	2024-03-25
CVE-2022-45349	WordPress Betheme premium theme <= 26.6.1 - Broken Access Control vulnerability — Betheme	4.3	Medium	2024-03-25
CVE-2022-44626	WordPress Squirrly SEO (Peaks) plugin <= 12.1.20 - Broken Access Control vulnerability — SEO Plugin by Squirrly SEO	6.3	Medium	2024-03-25
CVE-2023-27608	WordPress Points and Rewards for WooCommerce plugin <= 1.5.0 - Broken Access Control vulnerability — Points and Rewards for WooCommerce	6.5	Medium	2024-03-25
CVE-2023-30480	WordPress Educenter theme <= 1.5.5 - Broken Access Control — Educenter	4.3	Medium	2024-03-25
CVE-2023-33923	Broken Access Control leading to Arbitrary Plugin Activation in multiple HashThemes themes — Viral News	4.3	Medium	2024-03-25
CVE-2023-37885	WordPress RealHomes theme <= 4.0.2 - Broken Access Control vulnerability — RealHomes	4.3	Medium	2024-03-25
CVE-2023-37886	WordPress RealHomes theme <= 4.0.2 - Broken Access Control vulnerability — RealHomes	5.4	Medium	2024-03-25
CVE-2024-24832	WordPress EventPrime plugin <= 3.3.9 - Broken Access Control vulnerability — EventPrime	8.2	High	2024-03-23

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5531 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-862 (授权机制缺失) — Vulnerability Class 5531