PT-2024-12956 · Mad Fish Digital · Bulk Noindex & Nofollow Toolkit
Nguyen Thi Huyen Trang - Skalucy
+1
·
Published
2024-12-13
·
Updated
2024-12-17
·
CVE-2023-41688
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
Mad Fish Digital Bulk NoIndex & NoFollow Toolkit versions 1.42 and earlier
Bulk NoIndex & NoFollow Toolkit plugin version 1.42
Description
The issue affects the Bulk NoIndex & NoFollow Toolkit plugin due to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. This vulnerability involves broken access control and could lead to exploitation.
Recommendations
For Bulk NoIndex & NoFollow Toolkit plugin version 1.42, update to the latest version immediately to secure your site.
For Mad Fish Digital Bulk NoIndex & NoFollow Toolkit versions 1.42 and earlier, update to the latest version to mitigate risks.
As a temporary workaround, consider reviewing security settings to minimize the risk of exploitation.
Fix
Missing Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Bulk Noindex & Nofollow Toolkit