Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-862 (授权机制缺失) — Vulnerability Class 5531

5531 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-62884 WordPress Coupon Affiliates plugin <= 7.2.0 - Broken Access Control vulnerability — Coupon Affiliates 5.3 Medium2025-10-27
CVE-2025-62883 WordPress Premmerce User Roles plugin <= 1.0.13 - Broken Access Control vulnerability — Premmerce User Roles 4.3 Medium2025-10-27
CVE-2025-62881 WordPress WP-Lister Lite for eBay plugin <= 3.8.3 - Broken Access Control vulnerability — WP-Lister Lite for eBay 4.3 Medium2025-10-27
CVE-2025-62882 WordPress Seriously Simple Podcasting plugin <= 3.13.0 - Broken Access Control vulnerability — Seriously Simple Podcasting 4.3 Medium2025-10-27
CVE-2025-11989 Missing Authorization in GitLab — GitLab 3.7 Low2025-10-26
CVE-2025-10637 Social Feed Gallery <= 4.9.2 - Missing Authorization to Unauthenticated Information Exposure — Social Feed Gallery 5.3 Medium2025-10-25
CVE-2025-11255 Password Policy Manager | Password Manager <= 2.0.5 - Missing Authorization to Authenticated (Subscriber+) Configuration Log Out — Password Policy Manager | Password Manager 4.3 Medium2025-10-25
CVE-2025-10694 User Feedback – Create Interactive Feedback Form, User Surveys, and Polls in Seconds <= 1.8.0 - Missing Authorization to Information Disclosure — UserFeedback – Create Interactive Feedback Form, User Surveys, and Polls in Seconds 5.3 Medium2025-10-25
CVE-2025-11564 Tutor LMS – eLearning and online course solution <= 3.8.3 - Missing Authorization to Unauthenticated Payment Status Update — Tutor LMS – eLearning and online course solution 5.3 Medium2025-10-25
CVE-2025-11269 Product Filter by WBW <= 3.0.0 - Missing Authorization to Unauthenticated Settings Update — Product Filter for WooCommerce by WBW 5.3 Medium2025-10-25
CVE-2025-10579 BackWPup <= 5.5.0 - Missing Authorization to Sensitive Information Exposure — BackWPup – WordPress Backup & Restore Plugin 5.3 Medium2025-10-25
CVE-2025-62714 Karmada Dashboard API Unauthorized Access Vulnerability — dashboard 7.5 -2025-10-24
CVE-2025-36361 IBM App Connect Enterprise runtime is vulnerable to a lack of authorization on windows environments using IWA — App Connect Enterprise 6.3 Medium2025-10-24
CVE-2025-12134 ZoloBlocks <= 2.3.11 - Missing Authorization to Unauthenticated Popup Enable/Disable — ZoloBlocks – Gutenberg Block Editor Plugin with Advanced Blocks, Dynamic Content, Templates & Patterns 5.3 Medium2025-10-24
CVE-2025-10749 Microsoft Azure Storage for WordPress <= 4.5.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Media Deletion — Microsoft Azure Storage for WordPress 5.4 Medium2025-10-24
CVE-2025-11172 Check Plagiarism <= 2.0 - Missing Authorization to Authenticated (Subscriber+) Settings Update — Check Plagiarism 4.3 Medium2025-10-24
CVE-2025-10901 Originality.ai AI Checker <= 1.0.16 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Disclosure via 'ai_get_table' — Originality.ai AI Checker 4.3 Medium2025-10-24
CVE-2025-11257 LLM Hubspot Blog Import <= 1.0.1 - Missing Authorization to Authenticated (Subscriber+) Hubspot Import — LLM Hubspot Blog Import 4.3 Medium2025-10-24
CVE-2025-12014 NGINX Cache Optimizer <= 1.1 - Missing Authorization to Authenticated (Subscriber+) Dynamic Caching Exclusion Update — NGINX Cache Optimizer 4.3 Medium2025-10-24
CVE-2025-11887 Supervisor <= 1.3.2 - Missing Authorization to Authenticated (Subscriber+) Settings Update — Supervisor 4.3 Medium2025-10-24
CVE-2025-62256 Liferay Portal和Liferay DXP 安全漏洞 — Portal 4.3AIMediumAI2025-10-23
CVE-2025-62614 BookLore Media API Authentication Bypass — booklore 7.5AIHighAI2025-10-22
CVE-2025-62247 Liferay Portal和Liferay DXP 安全漏洞 — Portal 6.5AIMediumAI2025-10-22
CVE-2025-62073 WordPress MeetingHub plugin <= 1.23.9 - Broken Access Control vulnerability — MeetingHub 4.3 Medium2025-10-22
CVE-2025-62071 WordPress Social proof testimonials and reviews by Repuso plugin <= 5.29 - Broken Access Control vulnerability — Social proof testimonials and reviews by Repuso 4.3 Medium2025-10-22
CVE-2025-62072 WordPress Front End Users plugin <= 3.2.33 - Broken Access Control vulnerability — Front End Users 4.3 Medium2025-10-22
CVE-2025-62070 WordPress WowRevenue plugin <= 1.2.13 - Broken Access Control vulnerability — WowRevenue 4.3 Medium2025-10-22
CVE-2025-62048 WordPress SmartCrawl plugin <= 3.14.3 - Broken Access Control vulnerability — SmartCrawl 5.4 Medium2025-10-22
CVE-2025-62052 WordPress One Page Express Companion plugin <= 1.6.43 - Broken Access Control vulnerability — One Page Express Companion 4.3 Medium2025-10-22
CVE-2025-62027 WordPress Event Tickets plugin <= 5.26.3 - Broken Access Control vulnerability — Event Tickets 5.4 Medium2025-10-22

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5531 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.