Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-862 (授权机制缺失) — Vulnerability Class 5531

5531 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-41343 Missing Authorization vulnerability in CanalDenuncia.app — CanalDenuncia.app 5.3AIMediumAI2025-11-04
CVE-2025-41342 Missing Authorization vulnerability in CanalDenuncia.app — CanalDenuncia.app 5.3AIMediumAI2025-11-04
CVE-2025-41341 Missing Authorization vulnerability in CanalDenuncia.app — CanalDenuncia.app 5.3AIMediumAI2025-11-04
CVE-2025-41340 Missing Authorization vulnerability in CanalDenuncia.app — CanalDenuncia.app 5.3AIMediumAI2025-11-04
CVE-2025-41339 Missing Authorization vulnerability in CanalDenuncia.app — CanalDenuncia.app 5.3AIMediumAI2025-11-04
CVE-2025-41338 Missing Authorization vulnerability in CanalDenuncia.app — CanalDenuncia.app 5.3AIMediumAI2025-11-04
CVE-2025-41337 Missing Authorization vulnerability in CanalDenuncia.app — CanalDenuncia.app 5.3AIMediumAI2025-11-04
CVE-2025-41336 Missing Authorization vulnerability in CanalDenuncia.app — CanalDenuncia.app 4.3AIMediumAI2025-11-04
CVE-2025-41335 Missing Authorization vulnerability in CanalDenuncia.app — CanalDenuncia.app 5.3AIMediumAI2025-11-04
CVE-2025-41114 Missing Authorization vulnerability in CanalDenuncia.app — CanalDenuncia.app 5.3AIMediumAI2025-11-04
CVE-2025-41113 Missing Authorization vulnerability in CanalDenuncia.app — CanalDenuncia.app 5.3AIMediumAI2025-11-04
CVE-2025-41112 Missing Authorization vulnerability in CanalDenuncia.app — CanalDenuncia.app 5.3AIMediumAI2025-11-04
CVE-2025-41111 Missing Authorization vulnerability in CanalDenuncia.app — CanalDenuncia.app 5.3AIMediumAI2025-11-04
CVE-2025-12158 Simple User Capabilities <= 1.0 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation — Simple User Capabilities 9.8 Critical2025-11-04
CVE-2025-12389 Import Export For WooCommerce <= 1.6.2 - Missing Authorization to Authenticated (Subscriber+) Settings Update — Import Export For WooCommerce 4.3 Medium2025-11-04
CVE-2025-12156 Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One 2.0.7 - 2.2.6 - Missing Authorization to Authenticated (Subscriber+) Post Creation — Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One 4.3 Medium2025-11-04
CVE-2025-11890 Crypto Payment Gateway with Payeer for WooCommerce <= 1.0.3 - Unauthenticated Payment Bypass — Crypto Payment Gateway with Payeer for WooCommerce 7.5 High2025-11-04
CVE-2025-12157 Simple User Capabilities <= 1.0 - Missing Authorization to Unauthenticated Capability Reset — Simple User Capabilities 5.3 Medium2025-11-04
CVE-2025-11758 All in One Time Clock Lite – Tracking Employee Time Has Never Been Easier <= 2.0.3 - Missing Authorization to Page Creation and Information Exposure — All in One Time Clock Lite – Tracking Employee Time Has Never Been Easier 6.5 Medium2025-11-04
CVE-2025-12350 DominoKit <= 1.1.0 - Missing Authorization to Unauthenticated Settings Update — DominoKit 5.3 Medium2025-11-04
CVE-2025-10896 Multiple Plugins <= Multiple Versions - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Upload — Image Comparison Addon for Elementor 8.8 High2025-11-04
CVE-2025-64294 WordPress WP Snow Effect plugin <= 1.1.19 - Broken Access Control vulnerability — WP Snow Effect 5.3 Medium2025-11-03
CVE-2025-36367 IBM i is affected by a privilege escalation in IBM i SQL services — i 8.8 High2025-11-01
CVE-2025-12180 Qi Blocks <= 1.4.3 - Missing Authorization to Authenticated (Contributor+) Plugin Settings Update — Qi Blocks 4.3 Medium2025-11-01
CVE-2025-11833 Post SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App <= 3.6.0 - Missing Authorization to Account Takeover via Unauthenticated Email Log Disclosure — Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App 9.8 Critical2025-11-01
CVE-2025-11816 Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages <= 3.5.1 - Missing Authorization to Unauthenticated API Disconnect — Privacy Policy Generator – WPLP Legal Pages 5.3 Medium2025-11-01
CVE-2025-64349 ELOG user profile missing authorization — ELOG 8.8 High2025-10-31
CVE-2025-64348 ELOG configuration file authorization bypass — ELOG 7.1 High2025-10-31
CVE-2025-64358 WordPress Smart Coupons for WooCommerce plugin <= 2.2.3 - Broken Access Control vulnerability — Smart Coupons for WooCommerce 4.3 Medium2025-10-31
CVE-2025-64356 WordPress Insert PHP Code Snippet plugin <= 1.4.3 - Broken Access Control vulnerability — Insert PHP Code Snippet 4.3 Medium2025-10-31

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5531 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.