Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-862 (授权机制缺失) — Vulnerability Class 5531

5531 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-64179 lakeFS: Unauthenticated access to API usage metrics — lakeFS 5.3 Medium2025-11-06
CVE-2025-62914 WordPress Effect Maker plugin <= 1.2.1 - Broken Access Control vulnerability — Effect Maker 6.5 Medium2025-11-06
CVE-2025-62049 WordPress Cost Calculator Builder plugin <= 3.5.32 - Broken Access Control vulnerability — Cost Calculator Builder 6.5 Medium2025-11-06
CVE-2025-62046 WordPress TheGem Demo Import (for WPBakery) plugin <= 5.10.5 - Arbitrary Content Deletion vulnerability — TheGem Demo Import (for WPBakery) 6.5 Medium2025-11-06
CVE-2025-62037 WordPress Togo theme < 1.0.4 - Broken Access Control vulnerability — Togo 6.5 Medium2025-11-06
CVE-2025-62033 WordPress Togo theme < 1.0.4 - Broken Access Control vulnerability — Togo 6.5 Medium2025-11-06
CVE-2025-62028 WordPress Salient theme < 17.4.0 - Broken Access Control vulnerability — Salient 4.3 Medium2025-11-06
CVE-2025-62018 WordPress Kallyas theme <= 4.22.0 - Broken Access Control vulnerability — KALLYAS 5.3 Medium2025-11-06
CVE-2025-62017 WordPress Kallyas theme <= 4.22.0 - Broken Access Control vulnerability — KALLYAS 5.4 Medium2025-11-06
CVE-2025-60247 WordPress Bux Woocommerce plugin <= 1.2.3 - Broken Access Control vulnerability — Bux Woocommerce 6.5 Medium2025-11-06
CVE-2025-58986 WordPress Jock On Air Now (JOAN) plugin <= 6.0.4 - Broken Access Control vulnerability — Jock On Air Now (JOAN) 6.5 Medium2025-11-06
CVE-2025-58629 WordPress Miraculous theme < 2.0.9 - Arbitrary Content Deletion vulnerability — Miraculous 7.5 High2025-11-06
CVE-2025-58243 WordPress imEvent Theme <= 3.4.0 - Broken Access Control Vulnerability — imEvent 5.3 Medium2025-11-06
CVE-2025-5803 WordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.8.2 - Broken Access Control vulnerability — VikBooking Hotel Booking Engine & PMS 5.3 Medium2025-11-06
CVE-2025-58207 WordPress Ai Image Alt Text Generator for WP Plugin <= 1.1.5 - Broken Access Control Vulnerability — Ai Image Alt Text Generator for WP 8.2 High2025-11-06
CVE-2025-54711 WordPress Info Cards Plugin <= 1.0.11 - Broken Access Control Vulnerability — Info Cards 7.1 High2025-11-06
CVE-2025-53246 WordPress Backup and Move Plugin <= 0.1 - Broken Access Control Vulnerability — Backup and Move 6.5 Medium2025-11-06
CVE-2025-53214 WordPress Sertifier Certificate & Badge Maker plugin <= 1.21 - Broken Access Control Vulnerability — Sertifier Certificate & Badge Maker 6.5 Medium2025-11-06
CVE-2025-49394 WordPress Image Gallery block – Create and display photo gallery/photo album. plugin <= 1.0.7 - Broken Authentication vulnerability — Image Gallery block – Create and display photo gallery/photo album. 7.1 High2025-11-06
CVE-2025-39465 WordPress Advanced Google Maps plugin <= 5.8.4 - Broken Access Control vulnerability — Advanced Google Maps 4.3 Medium2025-11-06
CVE-2025-12563 Blog2Social: Social Media Auto Post & Scheduler <= 8.6.0 - Incorrect Authorization to Video File Upload — Blog2Social: Social Media Auto Post & Scheduler 4.3 Medium2025-11-06
CVE-2025-64171 MARIN3R: Cross-Namespace Vulnerability in the Operator — marin3r 7.5 -2025-11-06
CVE-2025-12469 FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce <= 3.6.4.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Email Sending — FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce 4.3 Medium2025-11-05
CVE-2025-12675 KiotViet Sync <= 1.8.5 - Missing Authorization to Authenticated (Subscriber+) Settings Update — KiotViet Sync 4.3 Medium2025-11-05
CVE-2025-12384 Document Embedder – Embed PDFs, Word, Excel, and Other Files <= 2.0.0 - Missing Authorization to Unauthenticated Document Manipulation — Document Embedder – Embed PDFs, Word, Excel, and Other Files 8.6 High2025-11-05
CVE-2025-11373 Popup and Slider Builder by Depicter – Add Email collecting Popup, Popup Modal, Coupon Popup, Image Slider, Carousel Slider, Post Slider Carousel <= 4.0.4 - Missing Authorization to Authenticated (Contributor+) Safe File Type Upload — Depicter — Popup & Slider Builder 4.3 Medium2025-11-05
CVE-2025-11835 Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.16.4 - Missing Authorization to Unauthenticated Arbitrary Member Subscription Auto Renewal — Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction 5.3 Medium2025-11-05
CVE-2025-12582 Features <= 0.0.2 - Missing Authorization to Authenticated (Subscriber+) Option Reset — Features 4.3 Medium2025-11-05
CVE-2025-41345 Missing Authorization vulnerability in CanalDenuncia.app — CanalDenuncia.app 5.3AIMediumAI2025-11-04
CVE-2025-41344 Missing Authorization vulnerability in CanalDenuncia.app — CanalDenuncia.app 5.3AIMediumAI2025-11-04

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5531 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.