Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-862 (授权机制缺失) — Vulnerability Class 5531

5531 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-54040 WordPress Webba Booking <= 5.1.20 - Broken Access Control Vulnerability — Webba Booking 6.5 Medium2025-08-20
CVE-2025-9202 ColorMag <= 4.0.19 - Missing Authorization to Authenticated (Subscriber+) ThemeGrill Demo Importer Plugin Installation — ColorMag 4.3 Medium2025-08-20
CVE-2025-55734 flaskBlo Authorization Bypass — FlaskBlog 7.5AIHighAI2025-08-19
CVE-2025-4046 Missing Authorization in Lexmark Cloud Services badge management — Lexmark Cloud Services 8.5 High2025-08-19
CVE-2025-8357 Media Library Assistant <= 3.27 - Authenticated (Author+) Limited File Deletion — Media Library Assistant 4.3 Medium2025-08-19
CVE-2025-7499 BetterDocs <= 4.1.1 - Missing Authorization to Private And Password-Protected Posts Information Disclosure — BetterDocs – Knowledge Base Docs & FAQ Solution for Elementor & Block Editor 5.3 Medium2025-08-16
CVE-2025-8898 Taxi Booking Manager for Woocommerce | E-cab <= 1.3.0 - Missing Authorization to Unauthenticated Privilege Escalation via Account Takeover — E-cab Taxi Booking Manager for Woocommerce 9.8 Critical2025-08-16
CVE-2025-7664 Al Pack <= 1.1.1 - Missing Authorization to Unauthenticated Premium Feature Activation via check_activate_permission Function — AL Pack 7.5 High2025-08-16
CVE-2025-8996 Layout Builder Advanced Permissions - Moderately critical - Access bypass - SA-CONTRIB-2025-097 — Layout Builder Advanced Permissions--AI2025-08-15
CVE-2025-49432 WordPress Ultimate Video Player Plugin <= 10.1 - Broken Access Control Vulnerability — Ultimate Video Player 5.3 Medium2025-08-15
CVE-2025-8342 WooCommerce OTP Login With Phone Number, OTP Verification <= 1.8.47 - Authentication Bypass — OTP Login With Phone Number, OTP Verification 8.1 High2025-08-15
CVE-2025-53221 WordPress CodeablePress plugin <= 1.0.2 - Broken Access Control vulnerability — CodeablePress 4.3 Medium2025-08-14
CVE-2025-53341 WordPress Stratus Theme <= 4.2.5 - Broken Access Control Vulnerability — App, SaaS & Software Startup Tech Theme - Stratus 4.3 Medium2025-08-14
CVE-2025-53343 WordPress Modernize Theme <= 3.4.0 - Broken Access Control Vulnerability — Modernize 4.3 Medium2025-08-14
CVE-2025-54712 WordPress Easy Elementor Addons Plugin <= 2.2.7 - Broken Access Control Vulnerability — Easy Elementor Addons 4.3 Medium2025-08-14
CVE-2025-54717 WordPress WP Membership Plugin <= 1.6.3 - Settings Change Vulnerability — WP Membership 5.4 Medium2025-08-14
CVE-2025-54730 WordPress Embedder for Google Reviews Plugin <= 1.7.3 - Broken Access Control Vulnerability — Embedder for Google Reviews 5.3 Medium2025-08-14
CVE-2025-54739 WordPress Nexter Blocks Plugin <= 4.5.4 - Broken Access Control Vulnerability — Nexter Blocks 5.3 Medium2025-08-14
CVE-2025-55712 WordPress The Plus Addons for Elementor Page Builder Lite Plugin <= 6.3.13 - Broken Access Control Vulnerability — The Plus Addons for Elementor Page Builder Lite 6.5 Medium2025-08-14
CVE-2025-55716 WordPress WP Statistics Plugin <= 14.15 - Broken Access Control Vulnerability — WP Statistics 4.3 Medium2025-08-14
CVE-2025-20302 Cisco Secure Firewall Management Center Software Authorization Bypass Vulnerability — Cisco Firepower Management Center 4.3 Medium2025-08-14
CVE-2025-20301 Cisco Secure Firewall Management Center Software Authorization Bypass Vulnerability — Cisco Firepower Management Center 6.5 Medium2025-08-14
CVE-2025-54705 WordPress WpEvently plugin <= 4.4.6 - Broken Access Control vulnerability — WpEvently 4.3 Medium2025-08-14
CVE-2025-54695 WordPress HT Mega Plugin plugin <= 2.9.0 - Broken Access Control Vulnerability — HT Mega 5.4 Medium2025-08-14
CVE-2025-54692 WordPress Membership For WooCommerce Plugin <= 2.9.0 - Broken Access Control Vulnerability — Membership For WooCommerce 7.5 High2025-08-14
CVE-2025-54679 WordPress Neon Channel Product Customizer Free Plugin <= 2.0 - Arbitrary Content Deletion Vulnerability — Neon Channel Product Customizer Free 7.5 High2025-08-14
CVE-2025-28962 WordPress Advanced Google Universal Analytics plugin <= 1.0.3 - Broken Access Control to Sensitive Data Exposure vulnerability — Advanced Google Universal Analytics 6.5 Medium2025-08-14
CVE-2025-30639 WordPress IDonatePro Plugin <= 2.1.9 - Broken Access Control Vulnerability — IDonatePro 7.5 High2025-08-14
CVE-2025-30993 WordPress Thank You Page Customizer for WooCommerce – Increase Your Sales <= 1.1.7 - Broken Access Control Vulnerability — Thank You Page Customizer for WooCommerce 6.5 Medium2025-08-14
CVE-2025-31425 WordPress WP Lead Capturing Pages plugin < 2.6 - Arbitrary Content Deletion vulnerability — WP Lead Capturing Pages 7.5 High2025-08-14

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5531 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.