Описание
The Meta Data and Taxonomies Filter WordPress plugin, in versions < 1.3.1, is affected by a reflected cross-site scripting vulnerability in the 'tax_name' parameter of the mdf_get_tax_options_in_widget action, which can only be triggered by an authenticated user.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.3.1 (включая)
cpe:2.3:a:pluginus:wordpress_meta_data_and_taxonomies_filter:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 41%
0.00193
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 5.4
github
почти 3 года назад
The Meta Data and Taxonomies Filter WordPress plugin, in versions < 1.3.1, is affected by a reflected cross-site scripting vulnerability in the 'tax_name' parameter of the mdf_get_tax_options_in_widget action, which can only be triggered by an authenticated user.
EPSS
Процентиль: 41%
0.00193
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79