CWE-862 (Missing Authorization) — Vulnerability Class 5531

5531 vulnerabilities classified as CWE-862 (Missing Authorization). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-49293 | WordPress Crawlomatic Multisite Scraper Post Generator plugin <= 2.6.8.2 - Broken Access Control Vulnerability — Crawlomatic Multisite Scraper Post Generator | 4.3 | Medium | 2025-06-06 |
| CVE-2025-49289 | WordPress PDF for WPForms plugin <= 5.5.0 - Broken Access Control Vulnerability — PDF for WPForms | 5.0 | Medium | 2025-06-06 |
| CVE-2025-49288 | WordPress Ultimate WP Mail plugin <= 1.3.5 - Account Takeover via Email Log Leak Vulnerability — Ultimate WP Mail | 8.8 | High | 2025-06-06 |
| CVE-2025-49287 | WordPress Product Feed for WooCommerce plugin <= 2.2.8 - Broken Access Control Vulnerability — Product Feed for WooCommerce | 4.3 | Medium | 2025-06-06 |
| CVE-2025-49270 | WordPress WP-CRM System plugin <= 3.4.2 - Broken Access Control Vulnerability — WP-CRM System | 5.3 | Medium | 2025-06-06 |
| CVE-2025-49272 | WordPress Trinity Audio plugin <= 5.20.0 - Broken Access Control Vulnerability — Trinity Audio | 4.3 | Medium | 2025-06-06 |
| CVE-2025-49268 | WordPress Verge3D plugin <= 4.9.4 - Broken Access Control Vulnerability — Verge3D | 5.3 | Medium | 2025-06-06 |
| CVE-2025-49246 | WordPress Testimonials Showcase plugin <= 1.9.16 - Broken Access Control Vulnerability — Testimonials Showcase | 4.3 | Medium | 2025-06-06 |
| CVE-2025-49248 | WordPress Team Showcase plugin < 25.05.13 - Broken Access Control Vulnerability — Team Showcase | 4.3 | Medium | 2025-06-06 |
| CVE-2025-49241 | WordPress oik plugin <= 4.15.1 - Broken Access Control Vulnerability — oik | 5.3 | Medium | 2025-06-06 |
| CVE-2025-49240 | WordPress DocsPress plugin <= 2.5.2 - Broken Access Control Vulnerability — DocsPress | 4.3 | Medium | 2025-06-06 |
| CVE-2025-49236 | WordPress Raychat plugin <= 2.1.0 - Broken Access Control Vulnerability — Raychat | 5.3 | Medium | 2025-06-06 |
| CVE-2025-48335 | WordPress Responsive Plus plugin <= 3.2.0 - Broken Access Control vulnerability — Responsive Plus | 5.4 | Medium | 2025-06-06 |
| CVE-2025-48337 | WordPress QuickCab plugin <= 1.3.3 - Broken Access Control vulnerability — QuickCab | 5.3 | Medium | 2025-06-06 |
| CVE-2025-48784 | Soar Cloud HRD Human Resource Management System - Missing Authorization — HRD Human Resource Management System | 7.5 AI | High AI | 2025-06-06 |
| CVE-2025-5486 | WP Email Debug 1.0 - 1.1.0 - Missing Authorization to Unauthenticated Privilege Escalation via Password Reset — WP Email Debug | 9.8 | Critical | 2025-06-06 |
| CVE-2025-5018 | Hive Support <= 1.2.5 - Authenticated (Subscriber+) Missing Authorization via hs_update_ai_chat_settings and hive_lite_support_get_all_binbox — Hive Support \| AI-Powered Help Desk, Live Chat and Chatbot | 7.1 | High | 2025-06-06 |
| CVE-2025-1777 | BM Content Builder <= 3.16.2.1 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting via ux_cb_page_options_save — BM Content Builder | 6.4 | Medium | 2025-06-06 |
| CVE-2025-1778 | Art Theme <= 3.12.2.3 - Missing Authorization to Authenticated (Subscriber+) Theme Option Delete — Art Theme | 4.3 | Medium | 2025-06-06 |
| CVE-2025-48133 | WordPress Uncanny Automator plugin <= 6.4.0.2 - Broken Access Control Vulnerability — Uncanny Automator | 6.5 | Medium | 2025-06-05 |
| CVE-2025-46258 | WordPress Element Pack Pro Plugin < 8.0.0 - Broken Access Control vulnerability — Element Pack Pro | 5.4 | Medium | 2025-06-05 |
| CVE-2025-5701 | HyperComments <= 1.2.2 - Unauthenticated (Subscriber+) Arbitrary Options Update — HyperComments | 8.8 | High | 2025-06-05 |
| CVE-2025-4047 | Broken Link Checker <= 2.4.4 - Missing Authorization to Authenticated (Subscriber+) Plugin Status Dashboard View — Broken Link Checker | 4.3 | Medium | 2025-06-03 |
| CVE-2025-45854 | JEHC-BPM security vulnerability — JEHC-BPM | 10.0 | Critical | 2025-06-03 |
| CVE-2025-47585 | WordPress Booking and Rental Manager plugin <= 2.3.8 - Broken Access Control vulnerability — Booking and Rental Manager | 6.5 | Medium | 2025-06-02 |
| CVE-2025-4597 | Woo Slider Pro - Drag Drop Slider Builder For WooCommerce <= 1.12 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion — Woo Slider Pro – Drag Drop Slider Builder For WooCommerce | 6.5 | Medium | 2025-05-30 |
| CVE-2025-48334 | WordPress Woo Slider Pro <= 1.12 - Arbitrary Content Deletion Vulnerability — Woo Slider Pro | 6.5 | Medium | 2025-05-30 |
| CVE-2025-46823 | OpenMRS has Vulnerability in FHIR2 Module Privileges — openmrs-module-fhir2 | 7.1 AI | High AI | 2025-05-29 |
| CVE-2024-47055 | Segment cloning doesn't have a proper permission check — Mautic | 4.3 | Medium | 2025-05-28 |
| CVE-2025-40673 | Missing Authorization in DinoRANK — DinoRANK | 5.3 AI | Medium AI | 2025-05-28 |

Vulnerabilities classified as CWE-862 (Missing Authorization) represent 5531 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.