First published: Mon Feb 05 2024(Updated: )
The WOLF – WordPress Posts Bulk Editor and Manager Professional plugin for WordPress is vulnerable to unauthorized access, modification or loss of data due to a missing capability check on the wpbe_create_new_term, wpbe_update_tax_term, and wpbe_delete_tax_term functions in all versions up to, and including, 1.0.8.1. This makes it possible for authenticated attackers, with subscriber access or higher, to create, delete or modify taxonomy terms.
Credit: security@wordfence.com
Affected Software | Affected Version | How to fix |
---|---|---|
Pluginus Wolf - Wordpress Posts Bulk Editor And Products Manager Professional | <=1.0.8.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.