Vulnerabilities > Pluginus > Wordpress Meta Data AND Taxonomies Filter

DATE CVE VULNERABILITY TITLE RISK
2024-10-28 CVE-2024-50450 Code Injection vulnerability in Pluginus Wordpress Meta Data and Taxonomies Filter
Improper Control of Generation of Code ('Code Injection') vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Code Injection.This issue affects WordPress Meta Data and Taxonomies Filter (MDTF): from n/a through 1.3.3.4.
network
low complexity
pluginus CWE-94
critical
 9.8
9.8
2024-09-24 CVE-2024-8623 Code Injection vulnerability in Pluginus Wordpress Meta Data and Taxonomies Filter
The The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.3.3.3.
network
low complexity
pluginus CWE-94
7.3
7.3
2024-09-24 CVE-2024-8624 SQL Injection vulnerability in Pluginus Wordpress Meta Data and Taxonomies Filter
The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to SQL Injection via the 'meta_key' attribute of the 'mdf_select_title' shortcode in all versions up to, and including, 1.3.3.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
network
low complexity
pluginus CWE-89
critical
 9.9
9.9
2021-07-14 CVE-2021-20781 Cross-Site Request Forgery (CSRF) vulnerability in Pluginus Wordpress Meta Data and Taxonomies Filter
Cross-site request forgery (CSRF) vulnerability in WordPress Meta Data Filter & Taxonomies Filter versions prior to v.1.2.8 and versions prior to v.2.2.8 allows remote attackers to hijack the authentication of administrators via unspecified vectors.
network
pluginus CWE-352
6.8
6.8