The WOLF – WordPress Posts Bulk Editor and Manager Professional plugin for WordPress is vulnerable to unauthorized access, modification or loss of data due to a missing capability check on the wpbe_create_new_term, wpbe_update_tax_term, and wpbe_delete_tax_term functions in all versions up to, and including, 1.0.8.1. This makes it possible for authenticated attackers, with subscriber access or higher, to create, delete or modify taxonomy terms.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Wordfence
Published: 2024-02-05T21:21:33.679Z
Updated: 2024-07-05T17:22:55.565Z
Reserved: 2024-01-22T20:48:59.982Z
Link: CVE-2024-0791
JSON object: View
NVD Information
Status : Analyzed
Published: 2024-02-05T22:16:05.077
Modified: 2024-02-13T19:42:31.100
Link: CVE-2024-0791
JSON object: View
Redhat Information
No data.
CWE