cleantalk
Vulnerabilities and Security Researches

WordPress Tag and Category Manager – AI Autotagger, CVE-2026-42646

CVE, Research URL

CVE-2026-42646

Home page URL

Security reports for WordPress Tag and Category Manager – AI Autotagger

Application

WordPress Tag and Category Manager – AI Autotagger

Published on
Apr 29, 2026
Research Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Steve Burge TaxoPress simple-tags allows Blind SQL Injection.This issue affects TaxoPress: from n/a through <= 3.44.0.
Affected versions
max 3.45.0.
Status
vulnerable
Previous vulnerability researches
Donation Forms WP by Givecloud (CVE-2025-58842) , Sep 07, 2025
Giveaway Boost (CVE-2024-49332) , Oct 20, 2024
Giveaways and Contests by PromoSimple (CVE-2025-23934) , Jan 18, 2025
WPExperts Square For GiveWP (CVE-2024-13713) , Feb 22, 2025
WPExperts Square For GiveWP (CVE-2024-47338) , Sep 30, 2024
New vulnerability
BetterDocs – Best Documentation, FAQ &amp; Knowledge Base Plugin with AI Support (CVE-2026-42644) , May 01, 2026
WP User Frontend &#8211; Registration, User Profile, Membership, Content Restriction, User Directory, and Frontend Post Submiss (CVE-2026-42412) , May 01, 2026
Image Widget (CVE-2026-42643) , May 01, 2026
Five Star Restaurant Reservations &#8211; WordPress Booking Plugin (CVE-2026-6498) , May 01, 2026
WordPress Tag and Category Manager &#8211; AI Autotagger (CVE-2026-42646) , May 01, 2026