CVE-2025-14371

Name of the Vulnerable Software and Affected Versions The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress versions through 3.41.0

Description The software contains a flaw that allows unauthorized modification of data. Specifically, a missing capability check within the taxopress ai add post term function permits authenticated attackers with Contributor-level access or higher to add or remove taxonomy terms (tags, categories) from any post, even those they do not own.

Recommendations Update to a version beyond 3.41.0.