CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-1652

The Categorify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the categorifyAjaxClearCategory function in all versions up to, and including, 1.0.7.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to clear categories.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 28.8%

CVSS Severity

CVSS v3 Score 4.3

References

https://plugins.trac.wordpress.org/changeset/3034410/categorify
https://www.wordfence.com/threat-intel/vulnerabilities/id/acccc6ae-553d-4ed5-8ba9-06a9061d725c?source=cve
https://plugins.trac.wordpress.org/changeset/3034410/categorify
https://www.wordfence.com/threat-intel/vulnerabilities/id/acccc6ae-553d-4ed5-8ba9-06a9061d725c?source=cve

Products affected by CVE-2024-1652

Frenify » Categorify » Version: N/A

cpe:2.3:a:frenify:categorify:-
Frenify » Categorify » Version: 1.0.0

cpe:2.3:a:frenify:categorify:1.0.0
Frenify » Categorify » Version: 1.0.4

cpe:2.3:a:frenify:categorify:1.0.4
Frenify » Categorify » Version: 1.0.5

cpe:2.3:a:frenify:categorify:1.0.5
Frenify » Categorify » Version: 1.0.7

cpe:2.3:a:frenify:categorify:1.0.7
Frenify » Categorify » Version: 1.0.7.4

cpe:2.3:a:frenify:categorify:1.0.7.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-1652

Products

Pricing

Contact Us