WordPress Bulk NoIndex & NoFollow Toolkit plugin <= 1.5 - Broken Access Control vulnerability
CVE-2023-41688
5.4MEDIUM
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 13 December 2024
What is CVE-2023-41688?
The Bulk NoIndex & NoFollow Toolkit by Mad Fish Digital exhibits a missing authorization issue that stems from incorrectly configured access control levels. This vulnerability allows unauthenticated users to exploit the system, leading to unauthorized actions being performed without proper permissions. Affected versions enable attackers to bypass security measures, potentially compromising the integrity and security of the WordPress installations that utilize this toolkit.
Affected Version(s)
Bulk NoIndex & NoFollow Toolkit <= 1.5