Title: Plugin Vulnerability
Last modified: February 1, 2025

---

# Plugin Vulnerability

 *  Resolved [tranxhdr](https://wordpress.org/support/users/tranxhdr/)
 * (@tranxhdr)
 * [1 year, 4 months ago](https://wordpress.org/support/topic/plugin-vulnerability-32/)
 * Just got this warning notification from my ISP,
   WP Engine summary of the vulnerability:
   This vulnerability allows any unauthenticated user to perform actions that only
   an administrator should be allowed to do.This vulnerability’s information has
   been verified by Patchstack. Please note that questions related to this notification
   should be directed to Patchstack, the plugin author or the 3rd-party researcher
   for the most accurate information.Resources providing further information on 
   this vulnerability:[https://patchstack.com/database/vulnerability/meta-tag-manager/wordpress-meta-tag-manager-plugin-3-1-broken-access-control-vulnerability?_a_id=473](https://patchstack.com/database/vulnerability/meta-tag-manager/wordpress-meta-tag-manager-plugin-3-1-broken-access-control-vulnerability?_a_id=473)

Viewing 1 replies (of 1 total)

 *  Plugin Author [Marcus](https://wordpress.org/support/users/msykes/)
 * (@msykes)
 * [1 year, 3 months ago](https://wordpress.org/support/topic/plugin-vulnerability-32/#post-18321042)
 * Hello everyone, sorry for the late reply. We’ve just released 3.2 which fixes
   the vulnerability. This was a minor vulnerability which allowed authenticated
   users to view media attachment URLS according to ID.
 * If you store only images in your media, then there’s not much of implication 
   here, it’d mainly be of concern for sites that may store sensitive files in the
   media library.

Viewing 1 replies (of 1 total)

The topic ‘Plugin Vulnerability’ is closed to new replies.

 * ![](https://ps.w.org/meta-tag-manager/assets/icon-256x256.png?rev=1419077)
 * [Meta Tag Manager](https://wordpress.org/plugins/meta-tag-manager/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/meta-tag-manager/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/meta-tag-manager/)
 * [Active Topics](https://wordpress.org/support/plugin/meta-tag-manager/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/meta-tag-manager/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/meta-tag-manager/reviews/)

 * 4 replies
 * 2 participants
 * Last reply from: [Marcus](https://wordpress.org/support/users/msykes/)
 * Last activity: [1 year, 3 months ago](https://wordpress.org/support/topic/plugin-vulnerability-32/#post-18321042)
 * Status: resolved