Primary

Context

Atarim WordPress Plugin Missing Authorization Vulnerability Allowing Arbitrary Content Deletion

Vulnerability

Patched

A missing authorization vulnerability has been identified in the Atarim WordPress plugin, specifically in versions through 4.0.9. This vulnerability allows for arbitrary content deletion, as it exploits incorrectly configured access control security levels. An unauthenticated user could potentially delete various types of content from a website, including posts, pages, and media such as images.

Impact

Exploitation of this vulnerability could lead to unauthorized deletion of content from the affected WordPress site, including posts, pages, and media files.

Remediation

Users of the Atarim WordPress plugin should update to version 4.1.0 or later to address this vulnerability. Patchstack users can enable auto-update for vulnerable plugins.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

0.6

exploitability

7.6

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

0.6

exploitability

7.6

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Atarim WordPress Plugin Missing Authorization Vulnerability Allowing Arbitrary Content Deletion

Vulnerability

Impact

Remediation

Affected Products

Atarim

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating