4 matches found
CVE-2023-28664
The Meta Data and Taxonomies Filter WordPress plugin, in versions 1.3.1, is affected by a reflected cross-site scripting vulnerability in the 'taxname' parameter of the mdfgettaxoptionsinwidget action, which can only be triggered by an authenticated user...
WordPress WordPress Meta Data and Taxonomies Filter (MDTF) Plugin < 1.3.1 is vulnerable to Cross Site Scripting (XSS)
Software WordPress Meta Data and Taxonomies Filter MDTF Type Plugin Vulnerable versions 1.3.1 Fixed in 1.3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-28664 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 65753b42e2e6...
CVE-2023-28664
CVE-2023-28664 (WordPress MDTF plugin) affects WordPress Meta Data and Taxonomies Filter Plugin versions before 1.3.1. A reflected cross-site scripting vulnerability exists in the tax_name parameter of the mdf_get_tax_options_in_widget action that can be triggered by an authenticated user. The is...
CVE-2023-28664
The Meta Data and Taxonomies Filter WordPress plugin, in versions 1.3.1, is affected by a reflected cross-site scripting vulnerability in the 'taxname' parameter of the mdfgettaxoptionsinwidget action, which can only be triggered by an authenticated user...