CVE-2024-1653 in Categorify Pluginthông tin

Tóm tắt

Bởi MITRE • 27/02/2024

The Categorify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the categorifyAjaxUpdateFolderPosition in all versions up to, and including, 1.0.7.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to update the folder position of categories as well as update the metadata of other taxonomies.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

chịu trách nhiệm

Wordfence

Đặt trước

19/02/2024

Tiết lộ

27/02/2024

Kiểm duyệt

được chấp nhận

EPSS

0.00340

KEV

không

Các hoạt động

rất thấp

Nguồn

Do you know our Splunk app?

Download it now for free!