Lucene search

K
cvelistTenableCVELIST:CVE-2023-28664
HistoryMar 22, 2023 - 12:00 a.m.

CVE-2023-28664

2023-03-2200:00:00
tenable
www.cve.org
wordpress
plugin
vulnerability
tax_name
parameter
authenticated user

0.001 Low

EPSS

Percentile

23.3%

The Meta Data and Taxonomies Filter WordPress plugin, in versions < 1.3.1, is affected by a reflected cross-site scripting vulnerability in the ‘tax_name’ parameter of the mdf_get_tax_options_in_widget action, which can only be triggered by an authenticated user.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Meta Data and Taxonomies Filter WordPress Plugin",
    "versions": [
      {
        "version": "< 1.3.1",
        "status": "affected"
      }
    ]
  }
]

0.001 Low

EPSS

Percentile

23.3%

Related for CVELIST:CVE-2023-28664