CVE-2024-1653 in Categorify Plugin
Tóm tắt
Bởi MITRE • 27/02/2024
The Categorify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the categorifyAjaxUpdateFolderPosition in all versions up to, and including, 1.0.7.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to update the folder position of categories as well as update the metadata of other taxonomies.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.