exploitDog

CVE-2024-50450

Опубликовано: 28 окт. 2024

Источник: nvd

CVSS3: 7.3

CVSS3: 9.8

EPSS Средний

Описание

Improper Control of Generation of Code ('Code Injection') vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Code Injection.This issue affects WordPress Meta Data and Taxonomies Filter (MDTF): from n/a through 1.3.3.4.

Ссылки

https://patchstack.com/database/vulnerability/wp-meta-data-filter-and-taxonomy-filter/wordpress-mdtf-meta-data-and-taxonomies-filter-plugin-1-3-3-4-bypass-vulnerability-vulnerability?_s_id=cve
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:pluginus:wordpress_meta_data_and_taxonomies_filter:*:*:*:*:*:wordpress:*:*

Версия до 1.3.3.5 (исключая)

EPSS

Процентиль: 98%

0.45999

Средний

7.3 High

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-94

Связанные уязвимости

GHSA-c8pf-2pv8-v359

CVSS3: 7.3

github

больше 1 года назад

Improper Control of Generation of Code ('Code Injection') vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Code Injection.This issue affects WordPress Meta Data and Taxonomies Filter (MDTF): from n/a through 1.3.3.4.

EPSS

Процентиль: 98%

0.45999

Средний

7.3 High

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-94