Medium severity5.3NVD Advisory· Published Jan 7, 2025· Updated Jun 17, 2026
CVE-2024-12176
CVE-2024-12176
Description
The WordLift – AI powered SEO – Schema plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'wl_config_plugin' AJAX action in all versions up to, and including, 3.54.2. This makes it possible for unauthenticated attackers to update the plugin's settings.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=3.54.2
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.