Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-862 (授权机制缺失) — Vulnerability Class 5531

5531 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-31004 WordPress Rich Table of Contents plugin <= 1.4.0 - Broken Access Control vulnerability — Rich Table of Contents 4.3 Medium2025-04-09
CVE-2025-31012 WordPress Age Gate plugin <= 3.5.4 - Broken Access Control Vulnerability — Age Gate 5.3 Medium2025-04-09
CVE-2025-31042 WordPress Sandwich Adsense plugin <= 4.0.2 - Broken Access Control Vulnerability — Sandwich Adsense 5.3 Medium2025-04-09
CVE-2025-31377 WordPress Woo Product Feed For Marketing Channels plugin <= 1.9.0 - Broken Access Control Vulnerability — Woo Product Feed For Marketing Channels 7.5 High2025-04-09
CVE-2025-32624 WordPress Czater.pl – live chat i telefon plugin <= 1.0.5 - CSRF to Stored Cross Site Scripting (XSS) vulnerability — Czater.pl – live chat i telefon 7.1 High2025-04-09
CVE-2025-32684 WordPress MapSVG Lite plugin <= 8.6.4 - Broken Access Control Vulnerability — MapSVG 5.0 Medium2025-04-09
CVE-2025-32279 WordPress Live Forms plugin <= 4.8.5 - Broken Access Control vulnerability — Live Forms 4.3 Medium2025-04-08
CVE-2025-2876 MelaPress Login Security and MelaPress Login Security Premium 2.1.0 - Missing Authorization to Unauthenticated Arbitrary User Deletion — MelaPress Login Security Premium 5.3 Medium2025-04-08
CVE-2025-2568 Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce 1.0.4 - 1.2.1 - Missing Authorization to Unauthenticated Limited Arbitrary Options Update — Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce 5.3 Medium2025-04-08
CVE-2025-3437 Motors – Car Dealership & Classified Listings Plugin <= 1.4.66 - Missing Authorization to Authenticated (Subscriber+) Wizard Set-up — Motors – Car Dealership & Classified Listings Plugin 4.3 Medium2025-04-08
CVE-2025-2807 Motors – Car Dealership & Classified Listings Plugin <= 1.4.64 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation — Motors – Car Dealership & Classified Listings Plugin 8.8 High2025-04-08
CVE-2025-30017 Missing Authorization check in SAP Solution Manager — SAP Solution Manager 4.4 Medium2025-04-08
CVE-2025-27437 Missing Authorization check in SAP NetWeaver Application Server ABAP (Virus Scan Interface) — SAP NetWeaver Application Server ABAP (Virus Scan Interface) 4.3 Medium2025-04-08
CVE-2025-27435 Information Disclosure Vulnerability in SAP Commerce Cloud — SAP Commerce Cloud 4.2 Medium2025-04-08
CVE-2025-27428 Directory Traversal vulnerability in SAP NetWeaver and ABAP Platform (Service Data Collection) — SAP NetWeaver and ABAP Platform (Service Data Collection) 7.7 High2025-04-08
CVE-2025-26657 Information Disclosure vulnerability in SAP KMC WPC — SAP KMC WPC 5.3 Medium2025-04-08
CVE-2025-31171 Huawei HarmonyOS 安全漏洞 — HarmonyOS 6.8 Medium2025-04-07
CVE-2025-2789 MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution <= 4.2.19 - Missing Authorization to Unauthenticated Table Rates Deletion — MultiVendorX – WooCommerce Multivendor Marketplace Solutions 5.3 Medium2025-04-05
CVE-2025-1233 Lafka Plugin <= 7.1.0 - Missing Authorization to Authenticated (Subscriber+) Theme Option Update — Lafka Plugin 4.3 Medium2025-04-05
CVE-2024-13776 ZoomSounds - WordPress Wave Audio Player with Playlist <= 6.91 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update and Settings Manipulation — ZoomSounds - WordPress Wave Audio Player with Playlist 8.1 High2025-04-05
CVE-2025-2933 Email Notifications for Updates <= 1.1.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update — Email Notifications for Updates 8.8 High2025-04-05
CVE-2025-32178 WordPress 6Storage Rentals plugin <= 2.20.2 - Broken Access Control vulnerability — 6Storage Rentals 5.4 Medium2025-04-04
CVE-2025-32239 WordPress Social Share Buttons & Analytics Plugin plugin <= 4.5 - Broken Access Control vulnerability — Social Share Buttons & Analytics Plugin – GetSocial.io 4.3 Medium2025-04-04
CVE-2025-32224 WordPress Privyr CRM plugin <= 1.0.2 - Broken Access Control vulnerability — Privyr CRM Integration 5.4 Medium2025-04-04
CVE-2025-32277 WordPress RepairBuddy plugin <= 3.8213 - Broken Access Control vulnerability — RepairBuddy 4.3 Medium2025-04-04
CVE-2025-32258 WordPress Simple Website Logo plugin <= 1.1 - Broken Access Control vulnerability — Simple Website Logo 5.3 Medium2025-04-04
CVE-2025-32256 WordPress SurveyJS plugin <= 1.12.20 - Broken Access Control vulnerability — SurveyJS 5.3 Medium2025-04-04
CVE-2025-32253 WordPress Course Booking System Plugin <= 6.1 - Broken Access Control vulnerability — Course Booking System 5.3 Medium2025-04-04
CVE-2025-32254 WordPress WPBookit plugin <= 1.0.7 - Broken Access Control vulnerability — WPBookit 5.3 Medium2025-04-04
CVE-2025-32252 WordPress WP Genealogy plugin <= 0.1.9 - Broken Access Control vulnerability — WP Genealogy – Your Family History Website 5.3 Medium2025-04-04

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5531 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.