Description
The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is vulnerable to SQL Injection via the 'post_types' parameter in all versions up to, and including, 3.40.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Editor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Published: 2025-11-08
Score: 4.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: SQL Injection
Action: Apply Patch
AI Analysis

Impact

The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress contains a SQL injection vulnerability in the post_types parameter. In versions up to 3.40.0, the parameter is not properly escaped, allowing an authenticated user with Editor privileges or higher to inject additional SQL clauses. Successful exploitation could lead to unauthorized extraction of database content, compromising confidentiality of site data.

Affected Systems

The vulnerability affects the WordPress plugin Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI developed by stevejburge. All releases up to and including 3.40.0 are impacted; newer versions may have resolved the issue. The only required condition is that the attacker has authenticated Editor-level access on the WordPress installation.

Risk and Exploitability

The CVSS score of 4.9 indicates moderate severity, and the EPSS score of less than 1% suggests a low probability of widespread exploitation at present. The vulnerability is not listed in the CISA KEV catalog, so there is no public record of in-the-wild exploitation to date. An attacker would need legitimate Editor-level access, making malicious insiders or compromised accounts the most likely vectors. Updating the plugin is the recommended mitigation.

Generated by OpenCVE AI on April 22, 2026 at 12:01 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin to the latest version that fixes the SQL injection.
  • Restrict WordPress Editor access to trusted users only, or remove the Editor role from accounts that do not need tagging functions.
  • Deploy a web application firewall or SQL injection detection rule to monitor and block malicious post_types parameter values until the plugin is updated.
  • Optionally, review and sanitize the post_types input in the plugin code to prevent future injection attacks.

Generated by OpenCVE AI on April 22, 2026 at 12:01 UTC.
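The plugin's own query is not reproduced on this page, so the following added example (hypothetical code, not the plugin's) illustrates the defect class the description names, a user-supplied post_types list interpolated into SQL without escaping or preparation, beside a hardened handler that allow-lists the values against registered post types and binds them through $wpdb->prepare(). The function names, the capability gate and the COUNT query are assumptions chosen for illustration.

```php
<?php
// Added example: hypothetical WordPress plugin code, not from the affected plugin.
// Both functions count posts for a user-supplied list of post types.

// VULNERABLE PATTERN (the defect class, not the plugin's actual code):
// the raw request value lands in the SQL string with no escaping and no
// prepare(), so anything beyond a plain post type name becomes part of the query.
function tcm_example_count_posts_unsafe( $post_types_raw ) {
    global $wpdb;
    $list = "'" . implode( "','", (array) $post_types_raw ) . "'";
    $sql  = "SELECT post_type, COUNT(*) AS n FROM {$wpdb->posts}
             WHERE post_type IN ({$list}) GROUP BY post_type";
    return $wpdb->get_results( $sql );
}

// HARDENED VERSION: allow-list against registered post types, then bind every
// value through $wpdb->prepare() with one %s placeholder per item.
function tcm_example_count_posts_safe( $post_types_raw ) {
    global $wpdb;

    $requested  = array_map( 'sanitize_key', (array) $post_types_raw );
    $registered = get_post_types( array(), 'names' );       // e.g. post, page, attachment
    $post_types = array_values( array_intersect( $requested, $registered ) );

    if ( empty( $post_types ) ) {
        return array();                                      // nothing valid to query
    }

    $placeholders = implode( ', ', array_fill( 0, count( $post_types ), '%s' ) );
    $sql = $wpdb->prepare(
        "SELECT post_type, COUNT(*) AS n FROM {$wpdb->posts}
         WHERE post_type IN ({$placeholders}) GROUP BY post_type",
        $post_types                                          // bound as an array of args
    );
    return $wpdb->get_results( $sql );
}

// Typical call site: gate on capability (Editor and above hold edit_others_posts),
// read the parameter, and only ever use the prepared path.
function tcm_example_handle_request() {
    if ( ! current_user_can( 'edit_others_posts' ) ) {
        wp_die( 'Insufficient permissions' );
    }
    $raw = isset( $_REQUEST['post_types'] ) ? wp_unslash( $_REQUEST['post_types'] ) : array();
    return tcm_example_count_posts_safe( $raw );
}
```

The allow-list step is what a WAF rule on post_types cannot guarantee: any value that is not a registered post type name never reaches the query at all.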

Advisories

No advisories yet.

History

Fri, 28 Nov 2025 03:30:00 +0000


Mon, 10 Nov 2025 15:15:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 10 Nov 2025 09:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Wordpress; Wordpress wordpress
Vendors & Products | | Wordpress; Wordpress wordpress

Sat, 08 Nov 2025 03:45:00 +0000

Type | Values Removed | Values Added
Description | | The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is vulnerable to SQL Injection via the 'post_types' parameter in all versions up to, and including, 3.40.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Editor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Title | | Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI <= 3.40.0 - Authenticated (Editor+) SQL Injection
Weaknesses | | CWE-89
References | |
Metrics | | cvssV3_1 {'score': 4.9, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N'}


MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T17:03:03.733Z

Reserved: 2025-10-20T15:36:04.101Z

Link: CVE-2025-11972

Vulnrichment

Updated: 2025-11-28T02:35:54.605Z

NVD

Status: Deferred

Published: 2025-11-08T04:15:43.577

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-11972

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-22T12:15:16Z

Weaknesses