PT-2026-44026

Missing Authorization vulnerability in Prasad Kirpekar WP Meta and Date Remover allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Meta and Date Remover: from n/a through 2.3.6...

CVE-2026-32455 WordPress MDTF plugin <= 1.3.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allows DOM-Based XSS.This issue affects MDTF: from n/a through = 1.3.5...

CVE-2024-34434

Incorrect Authorization vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter MDTF allows Code Inclusion, Functionality Misuse.This issue affects WordPress Meta Data and Taxonomies Filter MDTF: from n/a through 1.3.3.2...

CVE-2025-49907

Missing Authorization vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MDTF: from n/a through = 1.3.3.9...

EUVD-2024-26758

Malicious code in bioql PyPI...

CVE-2024-50451

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter.This issue affects MDTF: from n/a through = 1.3.3.4...

CVE-2023-1027

The WP Meta SEO plugin for WordPress is vulnerable to unauthorized sitemap generation due to a missing capability check on the checkAllCategoryInSitemap function in versions up to, and including, 4.5.3. This makes it possible for authenticated attackers with subscriber-level access to obtain post...

CVE-2023-1381

The WP Meta SEO WordPress plugin before 4.5.5 does not validate image file paths before attempting to manipulate the image files, leading to a PHAR deserialization vulnerability. Furthermore, the plugin contains a gadget chain which may be used in certain configurations to achieve remote code...

CVE-2023-25703 WordPress Meta slider and carousel with lightbox plugin <= 1.6.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Meta slider and carousel with lightbox meta-slider-and-carousel-with-lightbox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Meta slider and carousel with lightbox: from n/a throu...

WordPress MDTF – Meta Data and Taxonomies Filter plugin <= 1.3.3.4 - Bypass Vulnerability vulnerability

Bypass Vulnerability vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin MDTF versions = 1.3.3.4...

WordPress Meta News theme <= 1.1.7 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by tahu.datar Patchstack Alliance in WordPress Theme Meta News versions = 1.1.7...

CVE-2024-9589

The Category and Taxonomy Meta Fields plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'newmetaname' parameter in the 'wpaftoptionpage' function in versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping on user supplied attributes...

WordPress plugin WP Meta SEO 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Meta Box – WordPress Custom Fields Framework Plugin <= 5.9.10 is vulnerable to Broken Access Control

Software Meta Box – WordPress Custom Fields Framework Type Plugin Vulnerable versions = 5.9.10 Fixed in 5.9.11 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43235 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 05cac2b9959a Credit...

PT-2024-25888 · WordPress · Wordpress Meta Data/Taxonomies Filter

Name of the Vulnerable Software and Affected Versions: WordPress Meta Data and Taxonomies Filter MDTF versions 1.3.3.2 and earlier Description: The issue is related to an Incorrect Authorization vulnerability, allowing Code Inclusion and Functionality Misuse. Recommendations: For WordPress Meta...

WordPress plugin WP Meta SEO 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Meta Box plugin < 5.9.4 - Contributor+ Arbitrary Posts Custom Field Disclosure vulnerability

Contributor+ Arbitrary Posts Custom Field Disclosure vulnerability discovered by Scott Kingsley Clark in WordPress Plugin Meta Box – WordPress Custom Fields Framework versions 5.9.4...

CVE-2024-1984

The Graphene theme for WordPress is vulnerable to unauthorized access of data via meta tag in all versions up to, and including, 2.9.2. This makes it possible for unauthenticated individuals to obtain post contents of password protected posts via the generated source...

CVE-2024-30457

Cross-Site Request Forgery CSRF vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter MDTF.This issue affects WordPress Meta Data and Taxonomies Filter MDTF: from n/a through 1.3.3.1...

CVE-2024-29763

Technical details for CVE-2024-29763 are not provided in the supplied documents. No vendor/product/version specifics or impact information are disclosed here. Monitor for official updates and additional disclosures.