Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-862 (授权机制缺失) — Vulnerability Class 5531

5531 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-49974 WordPress UpStream: a Project Management Plugin for WordPress plugin <= 2.1.1 - Broken Access Control Vulnerability — UpStream: a Project Management Plugin for WordPress 4.3 Medium2025-06-20
CVE-2025-49973 WordPress Image Sizes Controller, Create Custom Image Sizes, Disable Image Sizes plugin <= 1.0.10 - Broken Access Control Vulnerability — Image Sizes Controller, Create Custom Image Sizes, Disable Image Sizes 4.3 Medium2025-06-20
CVE-2025-49976 WordPress WANotifier plugin <= 2.7.12 - Broken Access Control vulnerability — Notifier 4.3 Medium2025-06-20
CVE-2025-49979 WordPress Media Hygiene plugin <= 4.0.1 - Broken Access Control vulnerability — Media Hygiene 4.3 Medium2025-06-20
CVE-2025-49980 WordPress WP User Profile Avatar plugin <= 1.0.6 - Broken Access Control Vulnerability — WP User Profile Avatar 4.3 Medium2025-06-20
CVE-2025-49981 WordPress User Roles and Capabilities plugin <= 1.2.6 - Broken Access Control Vulnerability — User Roles and Capabilities 4.3 Medium2025-06-20
CVE-2025-49982 WordPress WP Customer Area plugin <= 8.3.4 - Broken Access Control vulnerability — WP Customer Area 4.3 Medium2025-06-20
CVE-2025-49986 WordPress Video List Manager plugin <= 1.7 - Broken Access Control Vulnerability — Video List Manager 5.3 Medium2025-06-20
CVE-2025-49987 WordPress CRM ERP Business Solution plugin <= 1.13 - Broken Access Control Vulnerability — CRM ERP Business Solution 5.3 Medium2025-06-20
CVE-2025-49988 WordPress Contact Form 7 AWeber Extension plugin <= 0.1.40 - Broken Access Control vulnerability — Contact Form 7 AWeber Extension 5.3 Medium2025-06-20
CVE-2025-49989 WordPress App Builder plugin <= 5.5.6 - Broken Access Control vulnerability — App Builder 5.3 Medium2025-06-20
CVE-2025-49991 WordPress WP-Recall plugin <= 16.26.14 - Broken Access Control Vulnerability — WP-Recall 5.3 Medium2025-06-20
CVE-2025-49990 WordPress ContentStudio plugin <= 1.3.7 - Broken Access Control vulnerability — Contentstudio 5.3 Medium2025-06-20
CVE-2025-49993 WordPress Cookie-Script.com plugin <= 1.2.1 - Broken Access Control Vulnerability — Cookie-Script.com 5.3 Medium2025-06-20
CVE-2025-49996 WordPress WP Visitor Statistics (Real Time Traffic) plugin <= 8.4 - Broken Access Control vulnerability — WP Visitor Statistics (Real Time Traffic) 5.3 Medium2025-06-20
CVE-2025-49997 WordPress Giveaways and Contests by RafflePress plugin <= 1.12.18 - Broken Access Control + CSRF Vulnerability — Giveaways and Contests by RafflePress 5.3 Medium2025-06-20
CVE-2025-49998 WordPress WooCommerce Fortnox Integration plugin <= 4.5.5 - Broken Access Control Vulnerability — WooCommerce Fortnox Integration 5.4 Medium2025-06-20
CVE-2025-50008 WordPress WooCommerce Manager – Customize and Control Cart page, Add to Cart button, Checkout fields easily plugin <= 1.2.4.5 - Broken Access Control Vulnerability — WooCommerce Manager – Customize and Control Cart page, Add to Cart button, Checkout fields easily 5.4 Medium2025-06-20
CVE-2025-50009 WordPress Kata Plus plugin <= 1.5.3 - Broken Access Control Vulnerability — Kata Plus 5.4 Medium2025-06-20
CVE-2025-50010 WordPress Zapier for WordPress plugin <= 1.5.2 - Broken Access Control Vulnerability — Zapier for WordPress 5.4 Medium2025-06-20
CVE-2025-50034 WordPress Enhanced Blocks – Page Builder Blocks for Gutenberg plugin <= 1.4.1 - Broken Access Control Vulnerability — Enhanced Blocks – Page Builder Blocks for Gutenberg 6.5 Medium2025-06-20
CVE-2025-52802 WordPress Import YouTube videos as WP Posts plugin <= 2.1 - Broken Access Control Vulnerability — Import YouTube videos as WP Posts 7.5 High2025-06-20
CVE-2024-53298 Dell PowerScale OneFS 安全漏洞 — PowerScale OneFS 9.8 Critical2025-06-20
CVE-2025-4571 GiveWP – Donation Plugin and Fundraising Platform <= 4.3.0 - Missing Authorization To Authenticated (Contributor+) Campaign Data View And Modification — GiveWP – Donation Plugin and Fundraising Platform 5.4 Medium2025-06-19
CVE-2025-23999 WordPress Breeze plugin <= 2.2.13 - Broken Access Control vulnerability — Breeze 4.3 Medium2025-06-18
CVE-2025-1562 Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit <= 3.5.3 - Missing Authorization to Unauthenticated Arbitrary Plugin Installation — FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce 9.8 Critical2025-06-18
CVE-2025-49234 WordPress WP Dummy Content Generator plugin <= 3.4.6 - Arbitrary User Deletion vulnerability — WP Dummy Content Generator 6.5 Medium2025-06-17
CVE-2025-49857 WordPress myCred plugin <= 2.9.4.2 - Broken Access Control Vulnerability — myCred 4.3 Medium2025-06-17
CVE-2025-49864 WordPress AFS Analytics plugin <= 4.21 - Broken Access Control Vulnerability — AFS Analytics 5.3 Medium2025-06-17
CVE-2025-49872 WordPress myCred plugin <= 2.9.4.2 - Broken Access Control Vulnerability — myCred 5.3 Medium2025-06-17

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5531 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.