Really Simple Security logo

Log out
Get PRO

Black Friday Deals 40% OFF

Days
Hours
Minutes

USE CODE: BF2025

Latest

Input validation vulnerability in WordPress Tag and Category Manager – AI Autotagger 3.12.0

  • Severity: medium-risk
  • Status: Fixed
  • Publication: April 3, 2024

The WordPress Tag and Category Manager plugin, called AI Autotagger, has a security issue that could allow hackers to insert harmful code into a website. This can happen when the plugin’s ‘st_tag_cloud’ shortcode is used, and affects all versions up to 3.13.0. This could happen because the plugin does not properly clean up the information that is entered by users, and it also doesn’t protect against dangerous code. This means that someone who has contributor-level access or higher could add code to a page that will run whenever someone visits it.

Detected in:

Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI fixed vulnerable versions:
WordPress Tag and Category Manager – AI Autotagger fixed vulnerable versions:
WordPress Tag, Category, and Taxonomy Manager – AI Autotagger fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.