CWE-862 (授权机制缺失) — Vulnerability Class 5531

5531 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-32246	WordPress 1-Click Backup & Restore Database plugin <= 1.0.3 - Broken Access Control Vulnerability — 1-Click Backup & Restore Database	5.4	Medium	2025-04-04
CVE-2025-32237	WordPress MasterStudy LMS plugin <= 3.5.28 - Broken Access Control vulnerability — MasterStudy LMS	4.3	Medium	2025-04-04
CVE-2025-32235	WordPress MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin <= 5.9.4 - Broken Access Control vulnerability — MP3 Audio Player for Music, Radio & Podcast by Sonaar	4.3	Medium	2025-04-04
CVE-2025-32234	WordPress AdMail plugin <= 1.7.0 - Broken Access Control vulnerability — AdMail – Multilingual Back in-Stock Notifier for WooCommerce	4.3	Medium	2025-04-04
CVE-2025-32233	WordPress Revive.so plugin <= 2.0.3 - Broken Access Control vulnerability — Revive.so	4.3	Medium	2025-04-04
CVE-2025-32231	WordPress Bookingor plugin <= 2.0.1 - Broken Access Control vulnerability — Bookingor	4.3	Medium	2025-04-04
CVE-2025-32232	WordPress StaffList plugin <= 3.2.7 - Broken Access Control vulnerability — StaffList	4.3	Medium	2025-04-04
CVE-2025-32229	WordPress Variable Inspector plugin <= 2.6.3 - Broken Access Control vulnerability — Variable Inspector	4.3	Medium	2025-04-04
CVE-2025-32226	WordPress Display product variations dropdown on shop page plugin <= 1.1.3 - Broken Access Control vulnerability — Display product variations dropdown on shop page	4.3	Medium	2025-04-04
CVE-2025-32220	WordPress Salon booking system plugin <= 10.30.23 - Broken Access Control vulnerability — Salon booking system	5.4	Medium	2025-04-04
CVE-2025-32225	WordPress WP Event Manager plugin <= 3.2.0 - Broken Access Control vulnerability — WP Event Manager	5.3	Medium	2025-04-04
CVE-2025-32219	WordPress eaSYNC plugin <= 1.3.19 - Broken Access Control vulnerability — eaSYNC	5.4	Medium	2025-04-04
CVE-2025-32218	WordPress TableOn plugin <= 1.0.5.1 - Broken Access Control vulnerability — TableOn	5.4	Medium	2025-04-04
CVE-2025-32217	WordPress Ai Image Alt Text Generator for WP plugin <= 1.1.1 - Broken Access Control vulnerability — Ai Image Alt Text Generator for WP	5.4	Medium	2025-04-04
CVE-2025-32201	WordPress Xpro Theme Builder Plugin <= 1.2.8.4 - Broken Access Control vulnerability — Xpro Theme Builder	4.3	Medium	2025-04-04
CVE-2025-32147	WordPress Easy WP Optimizer Plugin <= 1.1.0 - Broken Access Control vulnerability — Easy WP Optimizer	8.8	High	2025-04-04
CVE-2025-22285	WordPress Pallet Packaging for WooCommerce Plugin <= 1.1.15 - Broken Access Control vulnerability — Pallet Packaging for WooCommerce	8.2	-	2025-04-04
CVE-2025-31381	WordPress Booking Calendar and Notification plugin <= 4.0.3 - Broken Authentication vulnerability — Booking Calendar and Notification	6.5	Medium	2025-04-04
CVE-2025-2075	Uncanny Automator <= 6.3.0.2 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation — Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin	8.8	High	2025-04-04
CVE-2025-31909	WordPress Apptivo Business Site CRM plugin <= 5.3 - Arbitrary Content Deletion vulnerability — Apptivo Business Site CRM	7.5	High	2025-04-03
CVE-2025-31896	WordPress GetBookingsWP Plugin <= 1.1.27 - Broken Access Control vulnerability — GetBookingsWP	6.5	Medium	2025-04-03
CVE-2025-31841	WordPress FPW Category Thumbnails Plugin <= 1.9.5 - Broken Access Control vulnerability — FPW Category Thumbnails	6.3	Medium	2025-04-03
CVE-2025-31876	WordPress Payday plugin <= 3.3.18 - Broken Access Control vulnerability — Payday	5.8	Medium	2025-04-03
CVE-2025-31858	WordPress Local Magic plugin <= 2.9.0 - Broken Access Control vulnerability — Local Magic	6.5	Medium	2025-04-03
CVE-2025-31794	WordPress WR Price List Manager For Woocommerce plugin <= 1.0.8 - Arbitrary Content Deletion vulnerability — WR Price List Manager For Woocommerce	5.4	Medium	2025-04-03
CVE-2025-31768	WordPress Widget Manager Light plugin <= 1.18 - Broken Access Control vulnerability — Widget Manager Light	6.5	Medium	2025-04-03
CVE-2025-31789	WordPress TextMe SMS plugin <= 1.9.1 - Broken Access Control vulnerability — TextMe SMS	6.5	Medium	2025-04-03
CVE-2025-31795	WordPress Shopify to WooCommerce Migration plugin <= 1.3.0 - Settings Change vulnerability — Shopify to WooCommerce Migration	6.5	Medium	2025-04-03
CVE-2025-31746	WordPress Clients plugin <= 1.1.4 - Broken Access Control vulnerability — Clients	6.4	Medium	2025-04-03
CVE-2025-31736	WordPress Rich Text Editor Plugin <= 1.0.1 - Broken Access Control vulnerability — Rich Text Editor	6.5	Medium	2025-04-03

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5531 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-862 (授权机制缺失) — Vulnerability Class 5531