exploitDog

CVE-2024-8623

Опубликовано: 24 сент. 2024

Источник: nvd

CVSS3: 7.3

EPSS Низкий

Описание

The The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.3.3.3. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:pluginus:wordpress_meta_data_and_taxonomies_filter:*:*:*:*:*:wordpress:*:*

Версия до 1.3.3.4 (исключая)

EPSS

Процентиль: 83%

0.01945

Низкий

7.3 High

CVSS3

Дефекты

CWE-94

Связанные уязвимости

GHSA-rgw5-wvg4-r478

CVSS3: 7.3

github

больше 1 года назад

The The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.3.3.3. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.

EPSS

Процентиль: 83%

0.01945

Низкий

7.3 High

CVSS3

Дефекты

CWE-94