Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-862 (授权机制缺失) — Vulnerability Class 5531

5531 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-62022 WordPress BuddyPress plugin <= 14.3.4 - Broken Access Control vulnerability — BuddyPress 7.5 High2025-10-22
CVE-2025-62021 WordPress Acknowledgify plugin <= 1.1.3 - Broken Access Control vulnerability — Acknowledgify 4.3 Medium2025-10-22
CVE-2025-62013 WordPress UiChemy plugin <= 4.0.0 - Broken Access Control vulnerability — UiChemy 4.3 Medium2025-10-22
CVE-2025-62019 WordPress Recipe Card Blocks for Gutenberg & Elementor plugin <= 3.4.8 - Broken Access Control vulnerability — Recipe Card Blocks for Gutenberg & Elementor 6.5 Medium2025-10-22
CVE-2025-62006 WordPress WP SMS plugin <= 7.0.1 - Broken Access Control vulnerability — WP SMS 5.4 Medium2025-10-22
CVE-2025-53421 WordPress Accordion plugin <= 2.3.14 - Broken Access Control vulnerability — Accordion 6.5 Medium2025-10-22
CVE-2025-53424 WordPress WooCommerce Orders & Customers Exporter plugin <= 5.4 - Broken Access Control vulnerability — WooCommerce Orders & Customers Exporter 6.5 Medium2025-10-22
CVE-2025-53236 WordPress UDesign Core plugin <= 4.14.0 - Broken Access Control vulnerability — UDesign Core 6.3 Medium2025-10-22
CVE-2025-52757 WordPress SUMO Memberships for WooCommerce plugin < 7.8.0 - Arbitrary Content Deletion vulnerability — SUMO Memberships for WooCommerce 6.5 Medium2025-10-22
CVE-2025-52738 WordPress Wikipedia Preview plugin <= 1.15.0 - Broken Access Control vulnerability — Wikipedia Preview 6.5 Medium2025-10-22
CVE-2025-49961 WordPress Breeze Checkout plugin <= 1.4.0 - Broken Access Control vulnerability — Breeze Checkout 6.5 Medium2025-10-22
CVE-2025-49949 WordPress Templazee plugin <= 1.0.2 - Broken Access Control Vulnerability — Templazee 5.4 Medium2025-10-22
CVE-2025-49950 WordPress Official Integration for Billingo plugin <= 4.3.0 - Privilege Escalation vulnerability — Official Integration for Billingo 7.2 High2025-10-22
CVE-2025-49937 WordPress Smash Balloon Social Post Feed plugin <= 4.3.2 - Broken Access Control vulnerability — Smash Balloon Social Post Feed 4.3 Medium2025-10-22
CVE-2025-49925 WordPress WPLMS plugin <= 1.9.9.7 - Broken Access Control vulnerability — WPLMS 7.5 High2025-10-22
CVE-2025-49922 WordPress WPeMatico RSS Feed Fetcher plugin <= 2.8.3 - Broken Access Control vulnerability — WPeMatico RSS Feed Fetcher 4.3 Medium2025-10-22
CVE-2025-49920 WordPress Web Accessibility By accessiBe plugin <= 2.10 - Broken Access Control vulnerability — Web Accessibility By accessiBe 5.4 Medium2025-10-22
CVE-2025-49916 WordPress MultiVendorX plugin <= 4.2.23 - Broken Access Control vulnerability — MultiVendorX 8.6 High2025-10-22
CVE-2025-49913 WordPress CoSchedule plugin <= 3.4.0 - Broken Access Control vulnerability — CoSchedule 5.3 Medium2025-10-22
CVE-2025-49910 WordPress WPGuppy plugin <= 1.1.4 - Broken Access Control vulnerability — WPGuppy 8.2 High2025-10-22
CVE-2025-49907 WordPress MDTF plugin <= 1.3.3.9 - Broken Access Control vulnerability — MDTF 4.3 Medium2025-10-22
CVE-2025-49906 WordPress WPComplete plugin <= 2.9.5.3 - Broken Access Control vulnerability — WPComplete 5.3 Medium2025-10-22
CVE-2025-49899 WordPress Whydonate plugin <= 4.0.15 - Broken Access Control vulnerability — Whydonate 5.3 Medium2025-10-22
CVE-2025-49903 WordPress ZoloBlocks plugin <= 2.3.11 - Broken Access Control vulnerability — ZoloBlocks 5.3 Medium2025-10-22
CVE-2025-49376 WordPress DELUCKS SEO plugin <= 2.5.9 - Broken Access Control vulnerability — DELUCKS SEO 5.3 Medium2025-10-22
CVE-2025-49377 WordPress Hydra Booking plugin <= 1.1.9 - Broken Access Control vulnerability — Hydra Booking 6.3 Medium2025-10-22
CVE-2025-48096 WordPress Custom CSS plugin <= 1.4.0 - Broken Access Control vulnerability — Custom CSS 6.5 Medium2025-10-22
CVE-2025-30944 WordPress Tablesome Table Premium <= 1.1.23 - Broken Access Control Vulnerability — Tablesome Table Premium 7.5 High2025-10-22
CVE-2025-9133 Zyxel ATP series firmware和Zyxel USG FLEX series firmware 安全漏洞 — ATP series firmware 8.1 High2025-10-21
CVE-2025-11372 LearnPress – WordPress LMS Plugin <= 4.2.9.3 - Missing Authorization to Unauthenticated Database Table Manipulation — LearnPress – WordPress LMS Plugin for Create and Sell Online Courses 6.5 Medium2025-10-18

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5531 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.