The Categorify plugin for WordPress has a security issue that allows unauthorized changes to be made to data. This is because the function responsible for adding categories, called categorifyAjaxAddCategory, does not have a check for user permissions. This means that anyone with at least subscriber-level access can add categories without proper authorization.