CWE-862 (授权机制缺失) — Vulnerability Class 5531

5531 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2023-35045	WordPress Fat Rat Collect plugin <= 2.6.7 - Broken Access Control vulnerability — Fat Rat Collect	4.3	Medium	2024-06-13
CVE-2023-36504	WordPress BBS e-Popup plugin <= 2.4.5 - Broken Access Control vulnerability — BBS e-Popup	6.5	Medium	2024-06-13
CVE-2023-36694	WordPress Kingkong Board plugin <= 2.1.0.2 - Broken Access Control vulnerability — Kingkong Board	6.3	Medium	2024-06-13
CVE-2023-36695	WordPress Sublanguage plugin <= 2.9 - Broken Access Control vulnerability — Sublanguage	5.4	Medium	2024-06-13
CVE-2023-37394	WordPress WP Dummy Content Generator plugin <= 2.3.0 - Broken Access Control vulnerability — WP Dummy Content Generator	5.3	Medium	2024-06-13
CVE-2024-5674	Newsletter - API v1 and v2 addon for Newsletter <= 2.4.5 - Missing Authorization to Email Subscribers Management — Newsletter - API v1 and v2 addon for Newsletter	6.5	Medium	2024-06-12
CVE-2024-4898	InstaWP Connect – 1-click WP Staging & Migration <= 0.1.0.38 - Missing Authorization to Unauthenticated API setup/Arbitrary Options Update/Administrative User Creation — InstaWP Connect – 1-click WP Staging & Migration	9.8	Critical	2024-06-12
CVE-2023-40209	WordPress Highcompress Image Compressor plugin <= 6.0.0 - Broken Access Control vulnerability — Highcompress Image Compressor	6.5	Medium	2024-06-12
CVE-2023-40603	WordPress Simple Org Chart plugin <= 2.3.4 - Broken Access Control vulnerability — Simple Org Chart	5.3	Medium	2024-06-12
CVE-2023-41240	WordPress Pricing Deals for WooCommercePricing Deals for WooCommerce plugin <= 2.0.3.2 - Broken Access Control vulnerability — Pricing Deals for WooCommerce	5.3	Medium	2024-06-12
CVE-2023-44234	WordPress WP GPX Maps plugin <= 1.7.08 - Broken Access Control vulnerability — WP GPX Map	4.3	Medium	2024-06-12
CVE-2023-25030	WordPress Buy Me a Coffee plugin <= 3.7 - Broken Access Control vulnerability — Buy Me a Coffee	4.3	Medium	2024-06-12
CVE-2023-38395	WordPress WP Clone Menu plugin <= 1.0.1 - Broken Access Control vulnerability — WP Clone Menu	5.4	Medium	2024-06-12
CVE-2023-40672	WordPress Sticky Social Media Icons plugin <= 2.1 - Broken Access Control vulnerability — Sticky Social Media Icons	5.4	Medium	2024-06-12
CVE-2023-48280	WordPress Consensu.io plugin <= 1.0.1 - Broken Access Control vulnerability — Consensu.io	7.5	High	2024-06-12
CVE-2023-51413	WordPress Piotnet Forms plugin <= 1.0.29 - Broken Access Control vulnerability — Piotnet Forms	5.3	Medium	2024-06-12
CVE-2023-47828	WordPress wpMandrill plugin <= 1.33 - Broken Access Control vulnerability — wpMandrill	4.3	Medium	2024-06-12
CVE-2023-51524	WordPress weForms plugin <= 1.6.18 - Broken Access Control vulnerability — weForms	4.3	Medium	2024-06-12
CVE-2023-51526	WordPress Simple Staff List plugin <= 2.2.4 - Broken Access Control vulnerability — Simple Staff List	4.3	Medium	2024-06-12
CVE-2023-51537	WordPress Awesome Support plugin <= 6.1.5 - Broken Access Control vulnerability — Awesome Support	5.3	Medium	2024-06-12
CVE-2023-51670	WordPress FunnelKit Checkout plugin <= 3.10.3 - Authenticated Arbitrary Plugin Activation vulnerability — FunnelKit Checkout	4.3	Medium	2024-06-12
CVE-2023-51671	WordPress FunnelKit Checkout plugin <= 3.10.3 - Authenticated Plugin Settings Change vulnerability — FunnelKit Checkout	5.4	Medium	2024-06-12
CVE-2023-51679	WordPress BulkGate SMS Plugin for WooCommerce plugin <= 3.0.2 - Broken Access Control vulnerability — BulkGate SMS Plugin for WooCommerce	5.4	Medium	2024-06-12
CVE-2023-51680	WordPress Quotes for WooCommerce plugin <= 2.0.1 - Broken Access Control vulnerability — Quotes for WooCommerce	4.3	Medium	2024-06-12
CVE-2023-52117	WordPress ProfileGrid plugin <= 5.6.6 - Broken Access Control vulnerability — ProfileGrid	4.3	Medium	2024-06-12
CVE-2023-52177	WordPress Integrate Google Drive plugin <= 1.3.3 - Broken Access Control vulnerability — Integrate Google Drive	5.4	Medium	2024-06-12
CVE-2024-5468	WordPress Header Builder Plugin – Pearl <= 1.3.7 - Missing Authorization to Unauthenticated Arbitrary Site Options Deletion — Pearl – Header Builder	6.5	Medium	2024-06-12
CVE-2024-23518	WordPress ACF Photo Gallery Field plugin <= 2.6 - Broken Access Control vulnerability — ACF Photo Gallery Field	4.3	Medium	2024-06-11
CVE-2024-32143	WordPress Podlove Podcast Publisher plugin <= 4.1.0 - Broken Access Control vulnerability — Podlove Podcast Publisher	4.3	Medium	2024-06-11
CVE-2024-32146	WordPress Aspose.Words – Import and Export word documents plugin <= 6.3.1 - Broken Access Control vulnerability — Aspose.Words Exporter	4.3	Medium	2024-06-11

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5531 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-862 (授权机制缺失) — Vulnerability Class 5531