Vulnerabilities > Pluginus > Wordpress Meta Data AND Taxonomies Filter > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-28 | CVE-2024-50450 | Code Injection vulnerability in Pluginus Wordpress Meta Data and Taxonomies Filter Improper Control of Generation of Code ('Code Injection') vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Code Injection.This issue affects WordPress Meta Data and Taxonomies Filter (MDTF): from n/a through 1.3.3.4. | 9.8 |
| 2024-09-24 | CVE-2024-8624 | SQL Injection vulnerability in Pluginus Wordpress Meta Data and Taxonomies Filter The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to SQL Injection via the 'meta_key' attribute of the 'mdf_select_title' shortcode in all versions up to, and including, 1.3.3.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 9.9 |