CVE-2021-24802

Name of the Vulnerable Software and Affected Versions: Colorful Categories WordPress plugin versions prior to 2.0.15

Description: The issue concerns a lack of nonce checks in the Colorful Categories WordPress plugin, which could allow attackers to perform a CSRF attack. This attack could enable an attacker to make a logged-in admin or editor change taxonomy colors.

Recommendations: For versions prior to 2.0.15, update to version 2.0.15 or later to resolve the issue. As a temporary workaround, consider restricting access to the taxonomy color change functionality to minimize the risk of exploitation.