Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-862 (授权机制缺失) — Vulnerability Class 5531

5531 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-9194 Constructor <= 1.6.5 - Missing Authorization to Authenticated (Subscriber+) Theme Clean — Constructor 4.3 Medium2025-10-03
CVE-2025-10212 SiteAlert (Formerly WP Health) <= 1.9.8 - Missing Authorization to Unauthenticated Site Health Information Exposure — SiteAlert (Formerly WP Health) 5.3 Medium2025-10-03
CVE-2020-36852 Custom Searchable Data Entry System <= 1.7.1 - Unauthenticated Database Wiping — Custom Searchable Data Entry System 9.1 Critical2025-10-01
CVE-2025-10871 Missing Authorization in GitLab — GitLab 3.8 Low2025-09-26
CVE-2025-60166 WordPress WP Subscription Forms PRO Plugin <= 2.0.5 - Arbitrary Content Deletion Vulnerability — WP Subscription Forms PRO 4.3 Medium2025-09-26
CVE-2025-60165 WordPress Frames Theme <= 1.5.7 - Broken Access Control Vulnerability — Frames 4.3 Medium2025-09-26
CVE-2025-60159 WordPress Nota Fiscal Eletrônica WooCommerce plugin <= 3.4.0.9 - Broken Access Control vulnerability — Nota Fiscal Eletrônica WooCommerce 4.3 Medium2025-09-26
CVE-2025-60155 WordPress WP Virtual Assistant Plugin <= 3.0 - Broken Access Control Vulnerability — WP Virtual Assistant 5.3 Medium2025-09-26
CVE-2025-60152 WordPress Subscribe To Unlock Plugin <= 1.1.5 - Broken Access Control Vulnerability — Subscribe To Unlock 4.3 Medium2025-09-26
CVE-2025-60148 WordPress Subscribe to Download plugin <= 2.0.9 - Broken Access Control vulnerability — Subscribe to Download 4.3 Medium2025-09-26
CVE-2025-60143 WordPress Netgsm plugin <= 2.9.69 - Broken Access Control vulnerability — Netgsm 4.3 Medium2025-09-26
CVE-2025-60130 WordPress WEDOS Global Plugin <= 1.2.2 - Broken Access Control Vulnerability — WEDOS Global 5.3 Medium2025-09-26
CVE-2025-60129 WordPress Yext Plugin <= 1.1.3 - Broken Access Control Vulnerability — Yext 5.3 Medium2025-09-26
CVE-2025-60128 WordPress Delisho Plugin <= 1.1.3 - Broken Access Control Vulnerability — Delisho 4.3 Medium2025-09-26
CVE-2025-60127 WordPress CopySafe Web Protection plugin <= 5.1 - Broken Access Control vulnerability — CopySafe Web Protection 5.4 Medium2025-09-26
CVE-2025-60122 WordPress HivePress Claim Listings plugin <= 1.1.4 - Broken Access Control vulnerability — HivePress Claim Listings 4.3 Medium2025-09-26
CVE-2025-60123 WordPress HivePress Claim Listings plugin <= 1.1.3 - Broken Access Control vulnerability — HivePress Claim Listings 4.3 Medium2025-09-26
CVE-2025-60121 WordPress WooEvents plugin <= 4.1.7 - Broken Access Control vulnerability — WooEvents 5.3 Medium2025-09-26
CVE-2025-60120 WordPress WP Directory Kit plugin <= 1.4.0 - Broken Access Control vulnerability — WP Directory Kit 5.3 Medium2025-09-26
CVE-2025-60116 WordPress Grand Conference Theme Custom Post Type plugin < 2.6.4 - Broken Access Control vulnerability — Grand Conference Theme Custom Post Type 5.4 Medium2025-09-26
CVE-2025-60106 WordPress EmailKit Plugin <= 1.6.0 - Arbitrary Content Deletion Vulnerability — EmailKit 4.9 Medium2025-09-26
CVE-2025-60103 WordPress ListingPro plugin <= 2.9.8 - Broken Access Control vulnerability — ListingPro 5.4 Medium2025-09-26
CVE-2025-60097 WordPress TheGem Theme <= 5.10.5 - Broken Access Control Vulnerability — TheGem 5.4 Medium2025-09-26
CVE-2025-60098 WordPress Theme My Login Plugin <= 7.1.12 - Broken Access Control Vulnerability — Theme My Login 6.5 Medium2025-09-26
CVE-2025-60096 WordPress TheGem (Elementor) Theme <= 5.10.5 - Broken Access Control Vulnerability — TheGem (Elementor) 5.4 Medium2025-09-26
CVE-2025-60094 WordPress Stackable Plugin <= 3.18.1 - Broken Access Control Vulnerability — Stackable 4.3 Medium2025-09-26
CVE-2025-48326 WordPress Acclectic Media Organizer Plugin <= 1.4 - Broken Access Control Vulnerability — Acclectic Media Organizer 6.5 Medium2025-09-26
CVE-2025-58919 WordPress Wide Banner plugin <= 1.0.4 - Broken Access Control vulnerability — Wide Banner 5.3 Medium2025-09-26
CVE-2025-59011 WordPress Traveler Theme < 3.2.3 - Arbitrary Content Deletion Vulnerability — Traveler 7.5 High2025-09-26
CVE-2025-9984 Featured Image from URL (FIFU) <= 5.2.7 - Missing Authorization to Password Protected Post Disclosure — Featured Image from URL (FIFU) 5.3 Medium2025-09-26

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5531 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.