Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-862 (授权机制缺失) — Vulnerability Class 5531

5531 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-23639 WordPress MainWP Staging Extension Plugin <= 4.0.3 - Subscriber+ Arbitrary Plugin Activation Vulnerability — MainWP Staging Extension 5.4 Medium2024-06-09
CVE-2023-51494 WordPress WooCommerce Product Vendors plugin <= 2.2.1 - Broken Access Control vulnerability — WooCommerce Product Vendors 5.3 Medium2024-06-09
CVE-2023-52230 WordPress Booster Plus for WooCommerce plugin < 7.1.3 - Authenticated Arbitrary WordPress Option Disclosure Vulnerability — Booster Plus for WooCommerce 6.5 Medium2024-06-09
CVE-2023-52232 WordPress Booster Plus for WooCommerce plugin < 7.1.2 - Authenticated Arbitrary Post/Page Deletion Vulnerability — Booster Plus for WooCommerce 6.5 Medium2024-06-09
CVE-2024-30539 WordPress Awesome Support plugin <= 6.1.7 - Broken Access Control vulnerability — Awesome Support 5.3 Medium2024-06-09
CVE-2024-30534 WordPress Calendarista Basic Edition plugin <= 3.0.5 - Broken Access Control vulnerability — Calendarista Basic Edition 6.5 Medium2024-06-09
CVE-2024-30537 WordPress WPC Badge Management for WooCommerce plugin <= 2.4.0 - Broken Access Control vulnerability — WPC Badge Management for WooCommerce 4.3 Medium2024-06-09
CVE-2024-30538 WordPress DELUCKS SEO plugin <= 2.5.4 - Broken Access Control vulnerability — DELUCKS SEO 5.3 Medium2024-06-09
CVE-2024-31098 WordPress New Order Notification for Woocommerce plugin <= 2.0.2 - Broken Access Control vulnerability — New Order Notification for Woocommerce 7.1 High2024-06-09
CVE-2024-31246 WordPress PostX plugin <= 3.2.3 - Author+ Post/Page Duplication vulnerability — PostX 5.4 Medium2024-06-09
CVE-2024-31294 WordPress WP Sort Order plugin <= 1.3.1 - Broken Access Control vulnerability — WP Sort Order 4.3 Medium2024-06-09
CVE-2024-22151 WordPress Import and export users and customers plugin <= 1.24.6 - Broken Access Control vulnerability — Import and export users and customers 5.3 Medium2024-06-08
CVE-2024-21748 WordPress Icegram Engage plugin <= 3.1.21 - Broken Access Control vulnerability — Icegram 4.3 Medium2024-06-08
CVE-2024-35659 WordPress KiviCare plugin <= 3.6.6 - Insecure Direct Object References (IDOR) vulnerability — KiviCare 5.3 Medium2024-06-08
CVE-2024-5654 CF7 Google Sheets Connector <= 5.0.9 - Missing Authorization to Limited Site Configuration Update — GSheetConnector for CF7 – Connect Contact Form 7 to Google Sheets and Send Form Submissions in Real Time 6.5 Medium2024-06-08
CVE-2024-5087 Minimal Coming Soon – Coming Soon Page <= 2.38 - Missing Authorization to Limited Settings Change — Minimal Coming Soon – Coming Soon Page 6.3 Medium2024-06-08
CVE-2024-4661 WP Reset <= 2.02 - Missing Authorization to License Key Modification — WP Reset 4.3 Medium2024-06-08
CVE-2024-5770 WP Force SSL & HTTPS SSL Redirect <= 1.66 - Missing Authorization to Settings Update — WP Force SSL & HTTPS SSL Redirect 4.2 Medium2024-06-08
CVE-2024-5382 Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor <= 2.0.6.1 - Missing Authorization to MA Template Creation or Modification — Master Addons For Elementor – Widgets, Extensions, Theme Builder, Popup Builder & Template Kits 6.5 Medium2024-06-07
CVE-2024-5637 Market Exporter <= 2.0.19 - Missing Authorization to Arbitrary File Deletion — Market Exporter 7.5 High2024-06-07
CVE-2024-5607 GDPR CCPA Compliance & Cookie Consent Banner <= 2.7.0 - Missing Authorization to Settings Update and Stored Cross-Site Scripting — GDPR CCPA Compliance & Cookie Consent Banner 5.4 Medium2024-06-07
CVE-2023-6876 Clever Fox – One Click Website Importer by Nayra Themes <= 25.2.0 - Missing Authorization to arbitrary theme activation via clever-fox-activate-theme — Clever Fox 5.4 Medium2024-06-07
CVE-2024-1689 WooCommerce Tools <= 1.2.9 - Missing Authorization to Authenticated (Subscriber+) Plugin Module Deactivation — WooCommerce Tools 4.3 Medium2024-06-07
CVE-2024-5248 Improper Access Control in lunary-ai/lunary — lunary-ai/lunary 4.3AIMediumAI2024-06-06
CVE-2024-5130 Incorrect Authorization in lunary-ai/lunary — lunary-ai/lunary 5.3AIMediumAI2024-06-06
CVE-2024-4888 Arbitrary File Deletion in BerriAI/litellm — berriai/litellm 8.1AIHighAI2024-06-06
CVE-2024-5129 Privilege Escalation Vulnerability in lunary-ai/lunary — lunary-ai/lunary 8.1AIHighAI2024-06-06
CVE-2024-2035 Improper Authorization in zenml-io/zenml — zenml-io/zenml 8.1AIHighAI2024-06-06
CVE-2024-5126 Improper Access Control in lunary-ai/lunary — lunary-ai/lunary 4.3AIMediumAI2024-06-06
CVE-2024-5127 Improper Access Control in lunary-ai/lunary — lunary-ai/lunary 8.1AIHighAI2024-06-06

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5531 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.