WordPress Categorify Plugin <= 1.0.7.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Categorify Type Plugin Vulnerable versions = 1.0.7.4 Fixed in 1.0.7.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-1906 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 3807b96abd23 Credits Francesco Carlucci...

CVE-2024-0385

The Categorify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the categorifyAjaxAddCategory function in all versions up to, and including, 1.0.7.4. This makes it possible for authenticated attackers, with subscriber-level access and...

WordPress Plugin Categorify Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

WordPress Categorify – WordPress Media Library Category & File Manager plugin <= 1.0.4 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Categorify – WordPress Media Library Category & File Manager plugin versions = 1.0.4. Solution Update the WordPress Categorify – WordPress Media Library Category & File Manager plugin to the latest...