4 matches found
CVE-2024-8624
creationtimestamp| type| source ---|---|--- 2024-09-24 05:42:15+00:00| seen| https://t.me/cvedetector/6242...
CVE-2024-8624
CVE-2024-8624 affects the MDTF – Meta Data and Taxonomies Filter plugin for WordPress. Versions up to and including 1.3.3.3 are vulnerable to SQL Injection via the 'meta_key' attribute of the 'mdf_select_title' shortcode due to insufficient escaping and preparation of the existing SQL query. Expl...
CVE-2024-8624 MDTF – Meta Data and Taxonomies Filter <= 1.3.3.3 - Authenticated (Contributor+) SQL Injection
The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to SQL Injection via the 'metakey' attribute of the 'mdfselecttitle' shortcode in all versions up to, and including, 1.3.3.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation...
WordPress WordPress Meta Data and Taxonomies Filter (MDTF) Plugin <= 1.3.3.3 is vulnerable to SQL Injection
Software WordPress Meta Data and Taxonomies Filter MDTF Type Plugin Vulnerable versions = 1.3.3.3 Fixed in 1.3.3.4 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-8624 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 72c934040045 Credits Krzysztof Zając...