Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-862 (授权机制缺失) — Vulnerability Class 5531

5531 vulnerabilities classified as CWE-862 (授权机制缺失). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-49052 WordPress Netease Music plugin <= 3.2.1 - Broken Access Control vulnerability — Netease Music 4.3 Medium2025-08-14
CVE-2025-50029 WordPress AI Tools <= 4.0.7 - Arbitrary Content Deletion Vulnerability — AI Tools 6.5 Medium2025-08-14
CVE-2025-50031 WordPress DB Backup <= 6.0 - Broken Access Control Vulnerability — DB Backup 6.5 Medium2025-08-14
CVE-2025-52721 WordPress Global Gallery Plugin <= 9.2.3 - Broken Access Control Vulnerability — Global Gallery 6.5 Medium2025-08-14
CVE-2025-52731 WordPress WordPress Event Manager, Event Calendar and Booking Plugin Plugin <= 4.0.24 - Arbitrary Content Deletion Vulnerability — WordPress Event Manager, Event Calendar and Booking Plugin 7.5 High2025-08-14
CVE-2025-52775 WordPress Project Cost Calculator Plugin <= 1.0.0 - Broken Access Control Vulnerability — Project Cost Calculator 7.1 High2025-08-14
CVE-2025-52785 WordPress SMM API plugin <= 6.0.31 - Broken Access Control vulnerability — SMM API 7.1 High2025-08-14
CVE-2025-52800 WordPress The E-Commerce ERP <= 2.1.1.3 - Broken Access Control Vulnerability — The E-Commerce ERP 7.3 High2025-08-14
CVE-2025-52801 WordPress TheBooking Plugin <= 1.4.4 - Broken Access Control Vulnerability — TheBooking 7.3 High2025-08-14
CVE-2025-50171 Remote Desktop Spoofing Vulnerability — Windows 10 Version 21H2 9.1 Critical2025-08-12
CVE-2025-8310 Ivanti Virtual Application Delivery Controller 安全漏洞 — Virtual Application Delivery ControllerCWE-862 6.5 Medium2025-08-12
CVE-2025-8482 Simple Local Avatars <= 2.8.4 - Missing Authorization to Authenticated (Subscriber+) Avatar Migration — Simple Local Avatars 4.3 Medium2025-08-12
CVE-2025-8418 B Slider- Gutenberg Slider Block for WP <= 1.1.30 - Authenticated (Subscriber+) Missing Authorization to Arbitrary Plugin Installation — bSlider – Create Responsive Image, Post, Product, and Video Sliders 8.8 High2025-08-12
CVE-2025-47444 WordPress FiboSearch plugin <= 1.32.1 - Broken Access Control vulnerability — FiboSearch 5.3 Medium2025-08-12
CVE-2025-6253 UiCore Elements <= 1.3.0 - Missing Authorization to Unauthenticated Arbitrary File Read — UiCore Elements – Free widgets and templates for Elementor 7.5 High2025-08-12
CVE-2025-8059 B Blocks <= 2.0.6 - Missing Authorization to Unauthenticated Privilege Escalation via rgfr_registration Function — bBlocks – Essential Gutenberg Blocks & Patterns Collection 9.8 Critical2025-08-12
CVE-2025-42955 Missing authorization check in SAP Cloud Connector — SAP Cloud Connector 3.5 Low2025-08-12
CVE-2025-42949 Missing Authorization check in ABAP Platform — ABAP Platform 4.9 Medium2025-08-12
CVE-2025-8285 Unauthorized Channel Subscription Creation in Mattermost Confluence Plugin — Mattermost Confluence Plugin 4.0 Medium2025-08-11
CVE-2025-54458 Unauthorized Subscription Creation to Confluence Space in Mattermost Confluence Plugin — Mattermost Confluence Plugin 5.0 Medium2025-08-11
CVE-2025-53910 Unauthorized Channel Subscription Edit in Mattermost Confluence Plugin — Mattermost Confluence Plugin 4.0 Medium2025-08-11
CVE-2025-53857 Lack of Authorization on Get Channel Subscriptions for Autocomplete in Mattermost Confluence Plugin — Mattermost Confluence Plugin 3.7 Low2025-08-11
CVE-2025-49221 Unauthenticated Access to Channel Subscription in Mattermost Confluence Plugin — Mattermost Confluence Plugin 3.7 Low2025-08-11
CVE-2025-48731 Unauthorized Subscription Edit to Confluence Space in Mattermost Confluence Plugin — Mattermost Confluence Plugin 6.4 Medium2025-08-11
CVE-2025-44001 Unauthorized Channel Subscription Read in Mattermost Confluence Plugin — Mattermost Confluence Plugin 4.0 Medium2025-08-11
CVE-2025-8807 xujeff tianti 天梯 save authorization — tianti 天梯 6.3 Medium2025-08-10
CVE-2025-8796 LitmusChaos Litmus Delete Request delete_project authorization — Litmus 5.4 Medium2025-08-10
CVE-2025-8595 Zakra <= 4.1.5 - Missing Authorization to Subscriber+ Demo Import — Zakra 4.3 Medium2025-08-06
CVE-2025-41698 Draeger: ICMHelper is vulnerable to a privilege escalation due too missing authorization — Draeger ICMHelper 7.8 High2025-08-05
CVE-2025-6205 Missing authorization vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 — DELMIA Apriso 9.1 Critical2025-08-04

Vulnerabilities classified as CWE-862 (授权机制缺失) represent 5531 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.