WordPress Plugin Vulnerabilities

Bulk NoIndex & NoFollow Toolkit < 1.51 - Missing Authorization

Description

The Bulk NoIndex & NoFollow Toolkit plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_page_callback() and update_page_bulk_callback() functions called via AJAX actions in versions up to, and including, 1.5. This makes it possible for authenticated attackers, with subscriber-level access and above, to update post and page's noindex and nofollow statuses.

Affects Plugins

Plugin icon
bulk-noindex-nofollow-toolkit-by-mad-fish
Fixed in 1.51

References

CVE
CVE-2023-41688
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/5cb79fbc-705a-4fb4-b441-7fe7ab6dea10

Classification

Type
NO AUTHORISATION
OWASP top 10
A5: Broken Access Control
CWE
CWE-862
CVSS
4.3 (Medium)

Miscellaneous

Original Researcher
Skalucy
Verified
No
WPVDB ID
eb58bdc8-bc5b-4355-8dc6-33cc871c1a3d

Timeline

Publicly Published
2023-09-04 (about 8 months ago)
Added
2023-11-23 (about 5 months ago)
Last Updated
2023-12-03 (about 5 months ago)

Other

Published
Title
Published
2022-02-24
Title
Total Upkeep < 1.14.14 - Subscriber+ Backup Disclosure
Published
2024-04-05
Title
Bricksforge < 2.1.1 - Missing Authorization to Unauthenticated WordPress Settings Update
Published
2024-04-09
Title
Post Type Builder < 2.1.4 - Subscriber+ Arbitrary Post/Page Creation
Published
2023-08-28
Title
WP Users Media <= 4.2.3 - Missing Authorization via wpusme_save_settings
Published
2024-02-27
Title
WP eCommerce <= 3.15.1 - Missing Authorization to Unauthenticated Arbitrary Post Creation