2 matches found
CVE-2024-9588 Category and Taxonomy Meta Fields <= 1.0.0 - Cross-Site Request Forgery to Taxonomy Meta Add/Delete
The Category and Taxonomy Meta Fields plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.0. This is due to missing or incorrect nonce validation on the 'wpaftoptionpage' function. This makes it possible for unauthenticated attackers to add and...
WordPress Category and Taxonomy Meta Fields plugin <= 1.0.0 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by István Márton in WordPress Plugin Category and Taxonomy Meta Fields versions = 1.0.0...