Lucene search
CVE-2023-28664
The Meta Data and Taxonomies Filter WordPress plugin is affected by reflected cross-site scripting vulnerability in the 'tax_name' paramete
Show more
| Reporter | Title | Published | Views | Family All 9 |
|---|---|---|---|---|
 | Cross site scripting | 22 Mar 202321:15 | – | prion |
 | CVE-2023-28664 | 22 Mar 202300:00 | – | cvelist |
 | CVE-2023-28664 | 22 Mar 202321:15 | – | nvd |
 | MDTF < 1.3.1 - Reflected XSS | 22 Mar 202300:00 | – | wpvulndb |
 | MDTF < 1.3.1 - Reflected XSS | 22 Mar 202300:00 | – | wpexploit |
 | WordPress WordPress Meta Data and Taxonomies Filter (MDTF) Plugin < 1.3.1 is vulnerable to Cross Site Scripting (XSS) | 12 Apr 202300:00 | – | patchstack |
 | CVE-2023-28664 | 22 Mar 202300:00 | – | vulnrichment |
 | WordPress Meta Data and Taxonomies Filter Plugin < 1.3.1 XSS Vulnerability | 29 Aug 202300:00 | – | openvas |
 | Wordfence Intelligence Weekly WordPress Vulnerability Report (Mar 20, 2023 to Mar 26, 2023) | 30 Mar 202313:23 | – | wordfence |
Node
[
{
"vendor": "n/a",
"product": "Meta Data and Taxonomies Filter WordPress Plugin",
"versions": [
{
"version": "< 1.3.1",
"status": "affected"
}
]
}
]| Source | Link |
|---|---|
| tenable | www.tenable.com/security/research/tra-2023-3 |
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| action | query param | /wp-admin/admin-ajax.php | Reflected Cross-Site Scripting vulnerability in the 'tax_name' parameter of the mdf_get_tax_options_in_widget action. | CWE-79 |
| tax_name | query param | /wp-admin/admin-ajax.php | Reflected Cross-Site Scripting vulnerability in the 'tax_name' parameter of the mdf_get_tax_options_in_widget action. | CWE-79 |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo22 Mar 2023 21:15Current
5.3Medium risk
Vulners AI Score5.3
CVSS35.4
EPSS0.00228
SSVC