CVE-2026-32455

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allows DOM-Based XSS.This issue affects MDTF: from n/a through = 1.3.5...

CVE-2026-32455

CVE-2026-32455 describes a DOM-based XSS in the WordPress MDTF plugin wp-meta-data-filter-and-taxonomy-filter

CVE-2026-32455

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allows DOM-Based XSS.This issue affects MDTF: from n/a through = 1.3.5...

CVE-2025-62964 WordPress MDTF plugin <= 1.3.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MDTF: from n/a through = 1.3.6...

CVE-2025-62964 WordPress MDTF plugin <= 1.3.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MDTF: from n/a through = 1.3.6...

WordPress plugin MDTF 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

WordPress MDTF plugin <= 1.3.3.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin MDTF versions = 1.3.3.9...

CVE-2025-62069

CVE-2025-62069 concerns the MDTF – Meta Data and Taxonomies Filter (WordPress plugin) for RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter. The vulnerability is an XSS issue caused by improper input neutralization during web page generation, affecting MDTF versions from n/a up to and inclu...

CVE-2025-62069 WordPress MDTF plugin <= 1.3.3.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter.This issue affects MDTF: from n/a through = 1.3.3.8...

CVE-2025-49907 WordPress MDTF plugin <= 1.3.3.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MDTF: from n/a through = 1.3.3.9...

WordPress plugin MDTF 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

WordPress plugin MDTF 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

WordPress MDTF plugin <= 1.3.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by D01EXPLOIT in WordPress Plugin MDTF versions = 1.3.5...

WordPress MDTF plugin <= 1.3.3.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by muhammad yudha in WordPress Plugin MDTF versions = 1.3.3.8...

WordPress MDTF – Meta Data and Taxonomies Filter plugin <= 1.3.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by theviper17y in WordPress Plugin MDTF versions = 1.3.3.6...

CVE-2024-12030

The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to SQL Injection via the 'key' attribute of the 'mdfvalue' shortcode in all versions up to, and including, 1.3.3.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

CVE-2024-12030 MDTF – Meta Data and Taxonomies Filter <= 1.3.3.5 - Authenticated (Contributor+) SQL Injection

The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to SQL Injection via the 'key' attribute of the 'mdfvalue' shortcode in all versions up to, and including, 1.3.3.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

CVE-2024-50450 WordPress MDTF – Meta Data and Taxonomies Filter plugin <= 1.3.3.4 - Bypass Vulnerability vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allows Code Injection.This issue affects MDTF: from n/a through = 1.3.3.4...

CVE-2024-8623

The The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.3.3.3. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. Thi...

CVE-2024-8624

The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to SQL Injection via the 'metakey' attribute of the 'mdfselecttitle' shortcode in all versions up to, and including, 1.3.3.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation...