Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-862 (授权机制缺失) — Vulnerability Class 5531

5531 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-7040 Cloud SAML SSO <= 1.0.19 - Missing Authorization to Unauthenticated Settings Modification via set_organization_settings Action — Cloud SAML SSO – Single Sign On Login 8.2 High2025-09-06
CVE-2025-53571 WordPress HAPPY plugin <= 1.0.6 - Broken Access Control vulnerability — HAPPY 6.5 Medium2025-09-05
CVE-2025-54744 WordPress MasterStudy LMS plugin <= 3.6.15 - Broken Access Control vulnerability — MasterStudy LMS 6.5 Medium2025-09-05
CVE-2025-58824 WordPress Shk Corporate Theme <= 2.4.1.1 - Broken Access Control Vulnerability — Shk Corporate 4.3 Medium2025-09-05
CVE-2025-58817 WordPress SoftMe Theme <= 1.1.27 - Broken Access Control Vulnerability — SoftMe 4.3 Medium2025-09-05
CVE-2025-58816 WordPress Product Carousel Slider for Elementor Plugin <= 2.1.3 - Broken Access Control Vulnerability — Product Carousel Slider for Elementor 3.5 Low2025-09-05
CVE-2025-58813 WordPress Consultstreet Theme <= 3.0.0 - Broken Access Control Vulnerability — Consultstreet 4.3 Medium2025-09-05
CVE-2025-58795 WordPress Payoneer Checkout Plugin <= 3.4.0 - Content Spoofing Vulnerability — Payoneer Checkout 4.3 Medium2025-09-05
CVE-2025-58785 WordPress Ray Enterprise Translation plugin <= 1.7.2 - Broken Access Control vulnerability — Ray Enterprise Translation 5.4 Medium2025-09-05
CVE-2025-58783 WordPress Gutentor plugin <= 3.5.5 - Broken Access Control vulnerability — Gutentor 4.3 Medium2025-09-05
CVE-2025-8268 Ai Engine <= 2.9.5 - Missing Authorization to Unauthenticated Uploaded Files Disclosure And Deletion — AI Engine – The Chatbot, AI Framework & MCP for WordPress 6.5 Medium2025-09-03
CVE-2025-58639 WordPress Contact Form By Mega Forms Plugin <= 1.6.1 - Broken Access Control Vulnerability — Contact Form By Mega Forms 5.4 Medium2025-09-03
CVE-2025-58635 WordPress Support Genix Plugin <= 1.4.23 - Broken Access Control Vulnerability — Support Genix 5.3 Medium2025-09-03
CVE-2025-58634 WordPress PeachPay Payments Plugin <= 1.117.4 - Broken Access Control Vulnerability — PeachPay Payments 5.3 Medium2025-09-03
CVE-2025-58622 WordPress Mobile Contact Line Plugin <= 2.4.0 - Broken Access Control Vulnerability — Mobile Contact Line 4.3 Medium2025-09-03
CVE-2025-58617 WordPress F4 Media Taxonomies Plugin <= 1.1.4 - Broken Access Control Vulnerability — F4 Media Taxonomies 4.3 Medium2025-09-03
CVE-2025-58616 WordPress Frisbii Pay Plugin <= 1.8.2.1 - Broken Access Control Vulnerability — Frisbii Pay 6.5 Medium2025-09-03
CVE-2025-58613 WordPress Posts Table with Search & Sort Plugin <= 1.4.10 - Broken Access Control Vulnerability — Posts Table with Search & Sort 5.3 Medium2025-09-03
CVE-2025-58606 WordPress SaasLauncher Theme <= 1.3.0 - Broken Access Control Vulnerability — SaasLauncher 5.0 Medium2025-09-03
CVE-2025-58603 WordPress Surfer Plugin <= 1.6.4.574 - Broken Access Control Vulnerability — Surfer 5.3 Medium2025-09-03
CVE-2025-58601 WordPress Classified Listing Plugin <= 5.0.6 - Broken Access Control Vulnerability — Classified Listing 4.3 Medium2025-09-03
CVE-2025-58600 WordPress Paid Member Subscriptions Plugin <= 2.15.9 - Broken Access Control Vulnerability — Paid Member Subscriptions 5.3 Medium2025-09-03
CVE-2025-58599 WordPress Order Delivery Date for WooCommerce Plugin <= 4.1.0 - Broken Access Control Vulnerability — Order Delivery Date for WooCommerce 4.3 Medium2025-09-03
CVE-2025-58594 WordPress Brizy Plugin <= 2.7.12 - Broken Access Control Vulnerability — Brizy 4.3 Medium2025-09-03
CVE-2025-3701 WordPress Malcure Malware Scanner plugin <= 16.8 - Broken Access Control vulnerability — Malcure Malware Scanner 4.3 Medium2025-09-03
CVE-2025-9219 Post SMTP <= 3.4.1 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Option Update — Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App 4.3 Medium2025-09-03
CVE-2025-58210 WordPress Makeaholic Theme <= 1.8.5 - Broken Access Control Vulnerability — Makeaholic 5.3 Medium2025-09-03
CVE-2025-6685 ATEN eco DC Missing Authorization Privilege Escalation Vulnerability — eco DC 8.8 -2025-09-02
CVE-2024-32832 WordPress Login with Phone Number plugin <= 1.6.93 - Broken Access Control vulnerability — Login with phone number 9.8 Critical2025-08-31
CVE-2024-32589 WordPress Barcode Scanner and Inventory manager plugin <= 1.5.3 - Broken Access Control to XSS vulnerability — Barcode Scanner with Inventory & Order Manager 7.1 High2025-08-31

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5531 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.