CVE-2026-4128 | tplugins TP Restore Categories and Taxonomies Plugin up to 1.0.1 on WordPress AJAX profile.php delete_term authorization

A vulnerability marked as problematic has been reported in tplugins TP Restore Categories and Taxonomies Plugin up to 1.0.1 on WordPress. Impacted is the function delete_term of the file profile.php of the component AJAX Handler. Performing a manipulation results in missing authorization.

This vulnerability was named CVE-2026-4128. The attack may be initiated remotely. There is no available exploit.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More