Vulnerabilities > Pluginus > Wordpress Meta Data AND Taxonomies Filter > 1.2.3

DATE	CVE	VULNERABILITY TITLE	RISK
2023-03-22	CVE-2023-28664	Cross-site Scripting vulnerability in Pluginus Wordpress Meta Data and Taxonomies Filter The Meta Data and Taxonomies Filter WordPress plugin, in versions < 1.3.1, is affected by a reflected cross-site scripting vulnerability in the 'tax_name' parameter of the mdf_get_tax_options_in_widget action, which can only be triggered by an authenticated user. network low complexity pluginus CWE-79	5.4
2021-07-14	CVE-2021-20781	Cross-Site Request Forgery (CSRF) vulnerability in Pluginus Wordpress Meta Data and Taxonomies Filter Cross-site request forgery (CSRF) vulnerability in WordPress Meta Data Filter & Taxonomies Filter versions prior to v.1.2.8 and versions prior to v.2.2.8 allows remote attackers to hijack the authentication of administrators via unspecified vectors. network low complexity pluginus CWE-352	8.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.