CWE-862 (授权机制缺失) — Vulnerability Class 5531

5531 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-22291	WordPress LTL Freight Quotes – Worldwide Express Edition plugin <= 5.0.20 - Arbitrary Content Deletion vulnerability — LTL Freight Quotes – Worldwide Express Edition	5.3	Medium	2025-02-16
CVE-2024-13439	Team – Team Members Showcase Plugin <= 4.4.9 - Missing Authorization to Authenticated (Subscriber+) Settings Update — Team – Team Members Showcase Plugin	4.3	Medium	2025-02-15
CVE-2024-13752	WP Project Manager <= 2.6.17 - Missing Authorization to Authenticated (Subscriber+) Limited Arbitrary Options Update — Project Manager – AI Powered Project Management, Task Management, Kanban Board & Time Tracker	6.5	Medium	2025-02-15
CVE-2025-0935	Media Library Folders <= 8.3.0 - Missing Authorization to Plugin Settings Change — Media Library Folders	4.3	Medium	2025-02-15
CVE-2024-13513	Oliver POS – A WooCommerce Point of Sale (POS) <= 2.4.2.3 - Sensitive Information Exposure to Privilege Escalation — Oliver POS – A WooCommerce Point of Sale (POS)	9.8	Critical	2025-02-15
CVE-2025-22702	WordPress Photography Theme <= 7.7.2 - Broken Access Control Vulnerability — Photography	6.3	Medium	2025-02-14
CVE-2025-22698	WordPress Accessibility Suite by Ability, Inc plugin <= 4.18 - Multiple Broken Access Control vulnerability — Accessibility Suite	6.3	Medium	2025-02-14
CVE-2024-52500	WordPress Monetag Official Plugin plugin <= 1.1.3 - Broken Access Control vulnerability — Monetag Official Plugin	7.2	High	2025-02-14
CVE-2025-24692	WordPress Bulk Menu Edit plugin <= 1.3 - Broken Access Control vulnerability — Bulk Menu Edit	7.1	High	2025-02-14
CVE-2025-24607	WordPress IdeaPush plugin <= 8.71 - Broken Access Control vulnerability — IdeaPush	5.8	Medium	2025-02-14
CVE-2025-23766	WordPress OPSI Israel Domestic Shipments plugin <= 2.8.2 - Broken Access Control vulnerability — OPSI Israel Domestic Shipments	6.5	Medium	2025-02-14
CVE-2025-23771	WordPress Push Notification for Post and BuddyPress plugin <= 2.11 - Settings Change vulnerability — Push Notification for Post and BuddyPress	6.5	Medium	2025-02-14
CVE-2025-23534	WordPress WPLingo plugin <= 1.1.2 - Arbitrary Content Deletion vulnerability — WPLingo	6.5	Medium	2025-02-14
CVE-2024-13639	Read More & Accordion <= 3.4.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary 'Read More' Post Deletion — Read More & Accordion	4.3	Medium	2025-02-13
CVE-2025-1214	pihome-shc PiHome Role-Based Access Control user_accounts.php authorization — PiHome	6.3	Medium	2025-02-12
CVE-2025-26378	Q-Free MAXTIME Suite 安全漏洞 — MaxTime	8.8	High	2025-02-12
CVE-2025-26377	Q-Free MAXTIME Suite 安全漏洞 — MaxTime	8.1	High	2025-02-12
CVE-2025-26376	Q-Free MAXTIME Suite 安全漏洞 — MaxTime	6.5	Medium	2025-02-12
CVE-2025-26375	Q-Free MAXTIME Suite 安全漏洞 — MaxTime	8.8	High	2025-02-12
CVE-2025-26374	Q-Free MAXTIME Suite 安全漏洞 — MaxTime	6.5	Medium	2025-02-12
CVE-2025-26373	Q-Free MAXTIME Suite 安全漏洞 — MaxTime	6.5	Medium	2025-02-12
CVE-2025-26372	Q-Free MAXTIME Suite 安全漏洞 — MaxTime	7.1	High	2025-02-12
CVE-2025-26371	Q-Free MAXTIME Suite 安全漏洞 — MaxTime	8.8	High	2025-02-12
CVE-2025-26370	Q-Free MAXTIME Suite 安全漏洞 — MaxTime	7.1	High	2025-02-12
CVE-2025-26369	Q-Free MAXTIME Suite 安全漏洞 — MaxTime	8.8	High	2025-02-12
CVE-2025-26368	Q-Free MAXTIME Suite 安全漏洞 — MaxTime	8.1	High	2025-02-12
CVE-2025-26367	Q-Free MAXTIME Suite 安全漏洞 — MaxTime	4.3	Medium	2025-02-12
CVE-2024-12296	Apus Framework <= 2.4 - Authenticated (Subscriber+) Arbitrary Options Update in import_page_options — Apus Framework	8.8	High	2025-02-12
CVE-2024-13374	WP Table Manager <= 4.1.3 - Missing Authorization to Authenticated (Subscriber+) Directory Traversal to Folder/File Name Disclosure — WP Table Manager	4.3	Medium	2025-02-12
CVE-2024-13656	Click Mag - Viral WordPress News Magazine/Blog Theme <= 3.6.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Deletion — Click Mag - Viral WordPress News Magazine/Blog Theme	8.1	High	2025-02-12

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5531 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-862 (授权机制缺失) — Vulnerability Class 5531