cleantalk
Vulnerabilities and Security Researches

Bulk NoIndex & NoFollow Toolkit, 8923d2af08e39ea9c34e21dd7390dd95e84d47ab

CVE, Research URL

8923d2af08e39ea9c34e21dd7390dd95e84d47ab

Home page URL

Security reports for Bulk NoIndex & NoFollow Toolkit

Application

Bulk NoIndex & NoFollow Toolkit

Published on
Sep 04, 2023
Research Description
Bulk NoIndex &amp; NoFollow Toolkit [bulk-noindex-nofollow-toolkit-by-mad-fish] < 1.51 WordPress Bulk NoIndex & NoFollow Toolkit Plugin <= 1.42 is vulnerable to Broken Access Control No patched version is available. No reply from the vendor. Skalucy discovered and reported this Broken Access Control vulnerability in WordPress Bulk NoIndex & NoFollow Toolkit Plugin. A broken access control issue refers to a missing authorization, authentication or nonce token check in a function that could lead to an unprivileged user to executing a certain higher privileged action. This vulnerability has not been known to be fixed yet.
Affected versions
max 1.51.
Status
vulnerable
Previous vulnerability researches
Bulk NoIndex &amp; NoFollow Toolkit (CVE-2023-41688) , Jun 10, 2024
Bulk NoIndex &amp; NoFollow Toolkit (CVE-2025-31537) , Apr 03, 2025
Bulk NoIndex &amp; NoFollow Toolkit (CVE-2024-8803) , Sep 27, 2024
Bulk NoIndex &amp; NoFollow Toolkit (8923d2af08e39ea9c34e21dd7390dd95e84d47ab) , Jun 06, 2024
Bulk NoIndex &amp; NoFollow Toolkit (CVE-2024-29791) , Jun 06, 2024
New vulnerability
GitHub Gist Shortcode Plugin (CVE-2025-12667) , Dec 12, 2025
Cryptocurrency Payment Gateway for WooCommerce (CVE-2025-12392) , Dec 12, 2025
Wbcom Designs &#8211; Private Community for BuddyPress (CVE-2025-67582) , Dec 12, 2025
WP-Walla (CVE-2025-12589) , Dec 12, 2025
Master Addons for Elementor (CVE-2025-63055) , Dec 12, 2025