Missing Authorization vulnerability in Multi-column Tag Map
CVE-2023-41651

6.5MEDIUM

Key Information:

Vendor: WordPress
Status: Multi-column Tag Map
Vendor: CVE Published:; 8 May 2024

What is CVE-2023-41651?

The Multi-column Tag Map plugin for WordPress has been identified to have a missing authorization vulnerability that could allow unauthorized users to access restricted features. This issue impacts all versions of the plugin from n/a through 17.0.26, potentially exposing sensitive data and core functionalities to users who should not have access. It is essential for site administrators using this plugin to review their security measures and apply any necessary updates or mitigation strategies to safeguard their applications.

Affected Version(s)

Multi-column Tag Map <= 17.0.26

References

https://patchstack.com/database/vulnerability/multi-colum...

vdb-entry

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 8, 2024
Vulnerability Reserved
Aug 30, 2023

Credit

Rio Darmawan (Patchstack Alliance)