cleantalk
Vulnerabilities and Security Researches

WordPress Tag and Category Manager – AI Autotagger, CVE-2021-24444

CVE, Research URL

CVE-2021-24444

Home page URL

Security reports for WordPress Tag and Category Manager – AI Autotagger

Application

WordPress Tag and Category Manager – AI Autotagger

Published on
Aug 02, 2021
Research Description
The TaxoPress – Create and Manage Taxonomies, Tags, Categories WordPress plugin before 3.0.7.2 does not sanitise its Taxonomy description field, allowing high privilege users to set JavaScript payload in them even when the unfiltered_html capability is disallowed, leading to an authenticated Stored Cross-Site Scripting issue.
Affected versions
Min -, max 3.4.5.
Status
vulnerable
Previous vulnerability researches
WordPress Tag and Category Manager – AI Autotagger (CVE-2021-24444) , Jun 06, 2024
WordPress Tag and Category Manager – AI Autotagger (CVE-2023-2168) , Jun 06, 2024
WordPress Tag and Category Manager – AI Autotagger (CVE-2023-2170) , Jun 06, 2024
WordPress Tag and Category Manager – AI Autotagger (CVE-2024-2830) , Jun 06, 2024
WordPress Tag and Category Manager – AI Autotagger (CVE-2023-2169) , Jun 06, 2024
New vulnerability
StoreKeeper for WooCommerce (CVE-2025-47687) , May 13, 2025
BMI Adult & Kid Calculator (CVE-2025-47618) , May 12, 2025
SMS Alert Order Notifications – WooCommerce (CVE-2025-3876) , May 11, 2025
SMS Alert Order Notifications – WooCommerce (CVE-2025-3878) , May 11, 2025
WordPress Review Plugin: The Ultimate Solution for Building a Review Website (CVE-2025-2158) , May 11, 2025