diff --git a/admin/tags.php b/admin/tags.php
index fd244a6db..166e09073 100644
--- a/admin/tags.php
+++ b/admin/tags.php
@@ -33,7 +33,7 @@ if (!empty($_POST))
 {
   check_pwg_token();
   check_input_parameter('tags', $_POST, true, PATTERN_ID);
-  check_input_parameter('selectAction', $_POST, false, '/^(edit|merge|duplicate|delete)$/');
+  check_input_parameter('selectAction', $_POST, false, '/^[a-zA-Z0-9_-]+$/');
   check_input_parameter('edit_list', $_POST, false, '/^\d+(,\d+)*$/');
   check_input_parameter('merge_list', $_POST, false, '/^\d+(,\d+)*$/');
   check_input_parameter('destination_tag', $_POST, false, PATTERN_ID);