Categorify < 1.0.7.5 – Missing Authorization in categorifyAjaxUpdateFolderPosition | CVE 2024-1653 | Plugin Vulnerabilities

Description

The Categorify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the categorifyAjaxUpdateFolderPosition in all versions up to, and including, 1.0.7.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to update the folder position of categories as well as update the metadata of other taxonomies.

Affects Plugins

Fixed in 1.0.7.5

References

CVE

URL

https://www.wordfence.com/threat-intel/vulnerabilities/id/45badd20-1ba8-44be-8a7c-2ce21261e208

Classification

Type

NO AUTHORISATION

OWASP top 10

A5: Broken Access Control

CWE

CVSS

Miscellaneous

Original Researcher

Francesco Carlucci

Verified

No

WPVDB ID

faffc974-66aa-40a5-9102-37de962df3a7

Timeline

Publicly Published

2024-02-26 (about 2 months ago)

Added

2024-02-26 (about 2 months ago)

Last Updated

2024-02-26 (about 2 months ago)

Other

Published

Title

Published

2022-05-17

Title

Enqueue Anything <= 1.0.1 - Subscriber+ Arbitrary Asset/Post Deletion

Published

2021-12-15

Title

Image Hover Effects Ultimate < 9.7.0 - Unauthenticated Arbitrary Option Update

Published

2024-03-15

Title

Ultimate Gift Cards for WooCommerce – Create, Redeem & Manage Digital Gift Certificates with Personalized Templates < 2.6.7 - Missing Authorization to Unauthenticated Information Exposure

Published

2022-11-21

Title

Welcart e-Commerce < 2.8.4 - Subscriber+ Arbitrary Shipping Method Creation/Update/Deletion

Published

2024-01-03

Title

Product Delivery Date for WooCommerce – Lite < 2.7.1 - Missing Authorization