cleantalk
Vulnerabilities and Security Researches

WOLF – WordPress Posts Bulk Editor and Manager Professional, CVE-2024-0791

CVE, Research URL

CVE-2024-0791

Home page URL

Security reports for WOLF – WordPress Posts Bulk Editor and Manager Professional

Application

WOLF – WordPress Posts Bulk Editor and Manager Professional

Published on
Feb 06, 2024
Research Description
The WOLF – WordPress Posts Bulk Editor and Manager Professional plugin for WordPress is vulnerable to unauthorized access, modification or loss of data due to a missing capability check on the wpbe_create_new_term, wpbe_update_tax_term, and wpbe_delete_tax_term functions in all versions up to, and including, 1.0.8.1. This makes it possible for authenticated attackers, with subscriber access or higher, to create, delete or modify taxonomy terms.
Affected versions
Min -, max 1.0.8.2.
Status
vulnerable
Previous vulnerability researches
SEO Bulk Editor (CVE-2025-22587) , Jan 17, 2025
WooCommerce Bulk Edit Coupons – WP Sheet Editor (CVE-2022-4974) , Nov 16, 2024
WooCommerce Bulk Edit Coupons – WP Sheet Editor (e58568ca497e980484e2bedeb89a25095056b69c) , Jun 07, 2024
WOLF – WordPress Posts Bulk Editor and Manager Professional (CVE-2023-46152) , Jun 06, 2024
WOLF – WordPress Posts Bulk Editor and Manager Professional (CVE-2024-22159) , Jun 06, 2024
New vulnerability
The Plus Addons for Elementor (CVE-2025-49076) , Jun 06, 2025
WP Pipes (CVE-2025-48267) , Jun 06, 2025
Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, (CVE-2025-5292) , Jun 06, 2025
Newsletters (CVE-2025-4857) , Jun 06, 2025
Royal Elementor Addons and Templates (CVE-2025-3813) , Jun 06, 2025