Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-862 (授权机制缺失) — Vulnerability Class 5531

5531 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-0593 Simple Job Board <= 2.10.8 - Missing Authorization to Unauthenticated Information Disclosure — Simple Job Board 5.3 Medium2024-02-21
CVE-2024-1562 WooCommerce Google Sheet Connector <= 1.3.11 - Missing Authorization — GSheetConnector for WooCommerce – Send your Orders and Products to Google Sheet in Real-Time 5.3 Medium2024-02-21
CVE-2024-1108 Plugin Groups <= 2.0.6 - Missing Authorization to Unauthenticated Denial of Service — Plugin Groups 6.5 Medium2024-02-21
CVE-2024-1090 ImageRecycle pdf & image compression <= 3.1.13 - Missing Authorization to Settings Update in stopOptimizeAll — ImageRecycle pdf & image compression 4.3 Medium2024-02-20
CVE-2024-1218 Contact Form builder with drag & drop for WordPress – Kali Forms <= 2.3.41 - Missing Authorization — Kali Forms — Contact Form & Drag-and-Drop Builder 4.3 Medium2024-02-20
CVE-2024-1133 Tutor LMS <= 2.6.0 - Missing Authorization — Tutor LMS – eLearning and online course solution 4.3 Medium2024-02-20
CVE-2024-0984 ImageRecycle pdf & image compression <= 3.1.13 - Missing Authorization to Settings Update in disableOptimization — ImageRecycle pdf & image compression 4.3 Medium2024-02-20
CVE-2024-1389 Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.11.1 - Missing Authorization via pms_stripe_connect_handle_authorization_return — Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction 5.3 Medium2024-02-20
CVE-2024-0702 Oliver POS – A WooCommerce Point of Sale (POS) <= 2.4.2.1 - Missing Authorization — Oliver POS – A WooCommerce Point of Sale (POS) 7.3 High2024-02-20
CVE-2024-1322 Directorist <= 7.8.4 - Missing Authorization to Unauthenticated Settings Change — Directorist: AI-Powered Business Directory, Listings & Classified Ads 5.3 Medium2024-02-20
CVE-2024-1089 ImageRecycle pdf & image compression <= 3.1.13 - Missing Authorization to Settings Update in optimizeAllOn — ImageRecycle pdf & image compression 4.3 Medium2024-02-20
CVE-2024-1217 Contact Form builder with drag & drop for WordPress – Kali Forms <= 2.3.41 - Missing Authorization to Arbitrary Plugin Deactivation — Kali Forms — Contact Form & Drag-and-Drop Builder 7.6 High2024-02-20
CVE-2024-1091 ImageRecycle pdf & image compression <= 3.1.13 - Missing Authorization to Plugin Data Removal in reinitialize — ImageRecycle pdf & image compression 4.3 Medium2024-02-20
CVE-2024-1340 Login Lockdown – Protect Login Form <= 2.08 - Missing Authorization — Login Lockdown & Protection 5.4 Medium2024-02-20
CVE-2024-1337 SKT Page Builder <= 4.1 - Missing Authorization to Authenticated(Subscriber+) Content Injection — SKT Page Builder 4.3 Medium2024-02-20
CVE-2024-0983 ImageRecycle pdf & image compression <= 3.1.13 - Missing Authorization to Settings Update in enableOptimization — ImageRecycle pdf & image compression 4.3 Medium2024-02-20
CVE-2024-1318 RSS Aggregator by Feedzy <= 4.4.2 - Missing Authorization to Arbitrary Page Creation and Publication — RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator 6.5 Medium2024-02-20
CVE-2024-1390 Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.11.1 - Missing Authorization via creating_pricing_table_page — Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction 4.3 Medium2024-02-20
CVE-2024-24741 Missing Authorization check in SAP Master Data Governance Material — SAP Master Data Governance Material 4.3 Medium2024-02-13
CVE-2024-25643 Missing authorization check in SAP Fiori app (My Overtime Requests) — SAP Fiori app (My Overtime Requests) 4.3 Medium2024-02-13
CVE-2024-24739 Missing authorization check in SAP BAM (Bank Account Management) — SAP BAM (Bank Account Management) 6.3 Medium2024-02-13
CVE-2024-0596 Awesome Support – WordPress HelpDesk & Support Plugin <= 6.1.7 - Missing Authorization via editor_html() — Awesome Support – WordPress HelpDesk & Support Plugin 5.3 Medium2024-02-10
CVE-2024-0595 Awesome Support – WordPress HelpDesk & Support Plugin <= 6.1.7 - Missing Authorization via wpas_get_users() — Awesome Support – WordPress HelpDesk & Support Plugin 4.3 Medium2024-02-10
CVE-2024-1122 Event Manager, Events Calendar, Events Tickets for WooCommerce – Eventin <= 3.3.50 - Missing Authorization to Unauthenticated Events Export — Eventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered) 5.3 Medium2024-02-09
CVE-2023-6840 Missing Authorization in GitLab — GitLab 6.7 Medium2024-02-07
CVE-2024-24822 Pimcore Admin Classic Bundle permissions are not getting checked when working with tags — admin-ui-classic-bundle 6.5 Medium2024-02-07
CVE-2024-1109 Podlove Podcast Publisher <= 4.0.11 - Missing Authorization to Unauthenticated Data Export — Podlove Podcast Publisher 5.3 Medium2024-02-07
CVE-2024-1110 Podlove Podcast Publisher <= 4.0.11 - Missing Authorization to Settings Import — Podlove Podcast Publisher 5.3 Medium2024-02-07
CVE-2024-1078 Quiz Maker <= 6.5.2.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Quiz Creation & Modification — Quiz Maker 4.3 Medium2024-02-07
CVE-2024-1079 Quiz Maker <= 6.5.2.4 - Missing Authorization to Unauthenticated Quiz Data Retrieval — Quiz Maker 5.3 Medium2024-02-07

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5531 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.