Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-862 (授权机制缺失) — Vulnerability Class 5525

5525 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-28080 WordPress Rank Math SEO PRO plugin <= 3.0.96 - Broken Access Control vulnerability — Rank Math SEO PRO 4.3 Medium2026-03-06
CVE-2026-29073 SiYuan: Direct SQL Query API accessible to Reader-level users enables unauthorized database access — siyuan 8.8 -2026-03-06
CVE-2025-59544 Chamilo: Unauthorized access to update category of any user — chamilo-lms 4.3 -2026-03-06
CVE-2025-11791 Acronis Cyber Protect和Acronis Cyber Protect Cloud Agent 安全漏洞 — Acronis Cyber Protect 17 9.1 -2026-03-05
CVE-2026-30784 RustDesk hbbs/hbbr Servers Broker Connections Without Any Authorization Check — RustDesk Server 8.8 -2026-03-05
CVE-2026-30797 RustDesk rustdesk://config/ URI Silently Re-homes Client to Attacker-Controlled Server — RustDesk Client 8.1 -2026-03-05
CVE-2026-1720 WowOptin: Next-Gen Popup Maker – Create Stunning Popups and Optins for Lead Generation <= 1.4.24 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation — WowOptin: Next-Gen Popup Maker – Create Stunning Popups and Optins for Lead Generation 8.8 High2026-03-05
CVE-2026-1321 Membership Plugin – Restrict Content <= 3.2.20 - Unauthenticated Privilege Escalation via 'rcp_level' — Membership Plugin – Restrict Content 8.1 High2026-03-05
CVE-2026-28104 WordPress Site Suggest plugin <= 1.3.9 - Broken Access Control vulnerability — Site Suggest 6.5 Medium2026-03-05
CVE-2026-28071 WordPress pixfort Core plugin <= 3.2.22 - Broken Access Control vulnerability — pixfort Core 6.3 Medium2026-03-05
CVE-2026-28076 WordPress Guff theme <= 1.0.1 - Broken Access Control vulnerability — Guff 7.5 High2026-03-05
CVE-2026-28038 WordPress Ultimate Addons for WPBakery Page Builder plugin <= 3.21.1 - Broken Access Control vulnerability — Ultimate Addons for WPBakery Page Builder 6.5 Medium2026-03-05
CVE-2026-27396 WordPress Directory Pro plugin <= 2.5.6 - Broken Access Control vulnerability — Directory Pro 7.3 High2026-03-05
CVE-2026-27388 WordPress DesignThemes Booking Manager plugin <= 2.0 - Broken Access Control vulnerability — DesignThemes Booking Manager 7.5 High2026-03-05
CVE-2026-27386 WordPress DesignThemes Directory Addon plugin <= 1.8 - Broken Access Control vulnerability — DesignThemes Directory Addon 7.5 High2026-03-05
CVE-2026-27374 WordPress WooCommerce Order Details plugin <= 3.1 - Broken Access Control vulnerability — WooCommerce Order Details 7.5 High2026-03-05
CVE-2026-27361 WordPress Responsive Posts Carousel Pro plugin <= 15.1 - Broken Access Control vulnerability — Responsive Posts Carousel Pro 7.5 High2026-03-05
CVE-2026-27362 WordPress WP Bakery Autoresponder Addon plugin <= 1.0.6 - Broken Access Control vulnerability — WP Bakery Autoresponder Addon 6.5 Medium2026-03-05
CVE-2026-27344 WordPress inseri core plugin <= 1.0.5 - Broken Access Control vulnerability — inseri core 5.9 Medium2026-03-05
CVE-2026-23799 WordPress Tutor LMS plugin <= 3.9.5 - Broken Access Control vulnerability — Tutor LMS 6.5 Medium2026-03-05
CVE-2026-22479 WordPress Easy Post Submission plugin <= 2.4.0 - Broken Access Control vulnerability — Easy Post Submission 7.5 High2026-03-05
CVE-2026-22459 WordPress WordPress CTA plugin <= 2.1.2 - Broken Access Control vulnerability — WordPress CTA 6.5 Medium2026-03-05
CVE-2025-69340 WordPress WeDesignTech Ultimate Booking Addon plugin <= 1.0.3 - Broken Access Control vulnerability — WeDesignTech Ultimate Booking Addon 7.5 High2026-03-05
CVE-2026-3072 Media Library Assistant <= 3.33 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Attachment Taxonomy Modification — Media Library Assistant 4.3 Medium2026-03-05
CVE-2026-2899 Fluent Forms Pro Add On Pack <= 6.1.17 - Missing Authorization to Unauthenticated Arbitrary Attachment Deletion — Fluent Forms Pro Add On Pack 6.5 Medium2026-03-05
CVE-2026-1674 Gutena Forms – Contact Form, Survey Form, Feedback Form, Booking Form, and Custom Form Builder <= 1.6.0 - Authenticated (Contributor+) Limited Options Update in save_gutena_forms_schema() — Gutena Forms – Contact Form, Survey Form, Feedback Form, Booking Form, and Custom Form Builder 6.5 Medium2026-03-04
CVE-2026-3056 Seraphinite Accelerator <= 2.28.14 - Missing Authorization to Authenticated (Subscriber+) Log Clearing — Seraphinite Accelerator 4.3 Medium2026-03-04
CVE-2026-2732 Enable Media Replace <= 4.1.7 - Improper Authorization to Authenticated (Author+) Arbitrary Attachment Change via Background Replace — Enable Media Replace 5.4 Medium2026-03-04
CVE-2026-3266 Improper access control vulnerability has been discovered in OpenText™ Filr. — Filr 9.1AICriticalAI2026-03-03
CVE-2025-13734 IBM Engineering Requirements Management DOORS Next could allow an authenticated user to access and modify data beyond authorized permissions — Engineering Requirements Management DOORS Next 5.4 Medium2026-03-03

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5525 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.