Primary

Context

Team 118GROUP Agent Missing Authorization Vulnerability Allowing Arbitrary Content Deletion

Vulnerability

A missing authorization vulnerability has been identified in the Team 118GROUP Agent plugin for WordPress, affecting versions through 1.6.0. This vulnerability allows exploitation of improperly configured access control security levels, leading to unauthorized deletion of content such as images, posts, or pages.

Impact

Exploitation of this vulnerability could result in the unauthorized deletion of content from affected WordPress websites.

Remediation

Users of the Team 118GROUP Agent plugin are advised to update to version 1.6.0 or later. For those unable to update immediately, Patchstack offers a virtual patch that can be applied to mitigate this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Team 118GROUP Agent Missing Authorization Vulnerability Allowing Arbitrary Content Deletion

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating