1.3.0

DATE	CVE	VULNERABILITY TITLE	RISK
2025-01-08	CVE-2024-12030	SQL Injection vulnerability in Pluginus Wordpress Meta Data and Taxonomies Filter The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to SQL Injection via the 'key' attribute of the 'mdf_value' shortcode in all versions up to, and including, 1.3.3.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. network low complexity pluginus CWE-89	6.5
2024-10-28	CVE-2024-50450	Code Injection vulnerability in Pluginus Wordpress Meta Data and Taxonomies Filter Improper Control of Generation of Code ('Code Injection') vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Code Injection.This issue affects WordPress Meta Data and Taxonomies Filter (MDTF): from n/a through 1.3.3.4. network low complexity pluginus CWE-94 critical	9.8
2024-09-24	CVE-2024-8623	Code Injection vulnerability in Pluginus Wordpress Meta Data and Taxonomies Filter The The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.3.3.3. network low complexity pluginus CWE-94	7.3
2024-09-24	CVE-2024-8624	SQL Injection vulnerability in Pluginus Wordpress Meta Data and Taxonomies Filter The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to SQL Injection via the 'meta_key' attribute of the 'mdf_select_title' shortcode in all versions up to, and including, 1.3.3.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. network low complexity pluginus CWE-89 critical	9.9
2024-06-09	CVE-2024-32818	Unspecified vulnerability in Pluginus Wordpress Meta Data and Taxonomies Filter Missing Authorization vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF).This issue affects WordPress Meta Data and Taxonomies Filter (MDTF): from n/a through 1.3.3. network low complexity pluginus	8.8
2024-03-29	CVE-2024-30457	Unspecified vulnerability in Pluginus Wordpress Meta Data and Taxonomies Filter Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF).This issue affects WordPress Meta Data and Taxonomies Filter (MDTF): from n/a through 1.3.3.1. network low complexity pluginus	8.8
2024-03-27	CVE-2024-29763	Unspecified vulnerability in Pluginus Wordpress Meta Data and Taxonomies Filter Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Reflected XSS.This issue affects WordPress Meta Data and Taxonomies Filter (MDTF): from n/a through 1.3.3. network low complexity pluginus	6.1
2024-03-27	CVE-2024-29932	Unspecified vulnerability in Pluginus Wordpress Meta Data and Taxonomies Filter Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Stored XSS.This issue affects WordPress Meta Data and Taxonomies Filter (MDTF): from n/a through 1.3.2. network low complexity pluginus	5.4
2024-03-27	CVE-2024-29906	Unspecified vulnerability in Pluginus Wordpress Meta Data and Taxonomies Filter Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Stored XSS.This issue affects WordPress Meta Data and Taxonomies Filter (MDTF): from n/a through 1.3.2. network low complexity pluginus	5.4
2023-03-22	CVE-2023-28664	Cross-site Scripting vulnerability in Pluginus Wordpress Meta Data and Taxonomies Filter The Meta Data and Taxonomies Filter WordPress plugin, in versions < 1.3.1, is affected by a reflected cross-site scripting vulnerability in the 'tax_name' parameter of the mdf_get_tax_options_in_widget action, which can only be triggered by an authenticated user. network low complexity pluginus CWE-79	5.4