CWE-862 (授权机制缺失) — Vulnerability Class 5527

5527 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-69185	WordPress Hotel Listing plugin <= 1.4.2 - Broken Access Control vulnerability — Hotel Listing	7.3	High	2026-01-22
CVE-2025-69186	WordPress Hospital Doctor Directory plugin <= 1.3.9 - Broken Access Control vulnerability — Hospital Doctor Directory	7.3	High	2026-01-22
CVE-2025-69181	WordPress Lawyer Directory plugin <= 1.3.4 - Broken Access Control vulnerability — Lawyer Directory	7.3	High	2026-01-22
CVE-2025-69095	WordPress Reservation Plugin plugin <= 1.7 - Settings Change vulnerability — Reservation Plugin	6.5	Medium	2026-01-22
CVE-2025-69052	WordPress Registration & Login with Mobile Phone Number for WooCommerce plugin <= 1.3.1 - Broken Access Control vulnerability — Registration & Login with Mobile Phone Number for WooCommerce	9.8	Critical	2026-01-22
CVE-2025-68911	WordPress Solace theme <= 2.1.16 - Broken Access Control vulnerability — Solace	6.5	Medium	2026-01-22
CVE-2025-68896	WordPress WDV One Page Docs plugin <= 1.2.4 - Broken Access Control vulnerability — WDV One Page Docs	6.5	Medium	2026-01-22
CVE-2025-68882	WordPress Scalenut plugin <= 1.1.5 - Broken Access Control vulnerability — Scalenut	7.5	High	2026-01-22
CVE-2025-68558	WordPress Depicter Slider plugin <= 4.0.4 - Broken Access Control vulnerability — Depicter Slider	6.5	Medium	2026-01-22
CVE-2025-68073	WordPress GDPR CCPA Compliance Support plugin <= 2.7.4 - Broken Access Control vulnerability — GDPR CCPA Compliance Support	6.5	Medium	2026-01-22
CVE-2025-68507	WordPress Icegram plugin <= 3.1.35 - Broken Access Control vulnerability — Icegram	6.5	Medium	2026-01-22
CVE-2025-68059	WordPress Hotel Listing plugin <= 1.4.2 - Broken Access Control vulnerability — Hotel Listing	7.6	High	2026-01-22
CVE-2025-68072	WordPress Easy Property Listings plugin <= 3.5.20 - Broken Access Control vulnerability — Easy Property Listings	6.5	Medium	2026-01-22
CVE-2025-68058	WordPress Institutions Directory plugin <= 1.3..4 - Broken Access Control vulnerability — Institutions Directory	7.6	High	2026-01-22
CVE-2025-68057	WordPress Hospital Doctor Directory plugin <= 1.3.9 - Broken Access Control vulnerability — Hospital Doctor Directory	7.6	High	2026-01-22
CVE-2025-68039	WordPress WP BackItUp plugin <= 2.1.0 - Broken Access Control vulnerability — WP BackItUp	6.5	Medium	2026-01-22
CVE-2025-68019	WordPress SEO Booster plugin <= 6.1.8 - Broken Access Control vulnerability — SEO Booster	6.5	Medium	2026-01-22
CVE-2025-68020	WordPress Notifier plugin <= 2.7.13 - Broken Access Control vulnerability — Notifier	6.5	Medium	2026-01-22
CVE-2025-68018	WordPress Order Listener for WooCommerce plugin <= 3.6.1 - Broken Access Control vulnerability — Order Listener for WooCommerce	9.4	Critical	2026-01-22
CVE-2025-68016	WordPress onepay Payment Gateway For WooCommerce plugin <= 1.1.2 - Other Vulnerability Type vulnerability — onepay Payment Gateway For WooCommerce	9.1^AI	Critical^AI	2026-01-22
CVE-2025-68013	WordPress Payment Gateway Authorize.Net CIM for WooCommerce plugin <= 2.1.2 - Arbitrary Content Deletion vulnerability — Payment Gateway Authorize.Net CIM for WooCommerce	6.5	Medium	2026-01-22
CVE-2025-68007	WordPress Event Espresso 4 Decaf plugin <= 5.0.37.decaf - Settings Change vulnerability — Event Espresso 4 Decaf	6.5	Medium	2026-01-22
CVE-2025-68009	WordPress Slider Templates plugin <= 1.0.3 - Broken Access Control vulnerability — Slider Templates	6.5	Medium	2026-01-22
CVE-2025-68003	WordPress Shown Connector plugin <= 1.2.10 - Settings Change vulnerability — Shown Connector	6.5	Medium	2026-01-22
CVE-2025-67967	WordPress Lawyer Directory plugin <= 1.3.3 - Broken Access Control vulnerability — Lawyer Directory	7.6	High	2026-01-22
CVE-2025-67958	WordPress TaxCloud for WooCommerce plugin <= 8.3.8 - Broken Access Control vulnerability — TaxCloud for WooCommerce	6.5	Medium	2026-01-22
CVE-2025-67956	WordPress User Registration plugin <= 4.4.6 - Broken Access Control vulnerability — User Registration	9.1^AI	Critical^AI	2026-01-22
CVE-2025-67942	WordPress Peach Payments Gateway plugin <= 3.3.6 - Broken Access Control vulnerability — Peach Payments Gateway	6.5	Medium	2026-01-22
CVE-2025-67939	WordPress Tickera plugin <= 3.5.6.2 - Broken Access Control vulnerability — Tickera	6.5	Medium	2026-01-22
CVE-2025-66141	WordPress Scroller plugin <= 2.0.2 - Broken Access Control vulnerability — Scroller	5.4	Medium	2026-01-22

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5527 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-862 (授权机制缺失) — Vulnerability Class 5527