The Categorify plugin for WordPress has a security flaw that affects all versions up to 1.0.7.4. This allows hackers to change the position of categories and edit other taxonomies without being authenticated. They can do this by tricking a site administrator into clicking on a link.