cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches formeta-tag-manager meta-tag-manager

Direction: descending
Apr 23, 2026

Meta Tag Manager # CVE-2025-5983

CVE, Research URL

CVE-2025-5983

Home page URL

Security reports for Meta Tag Manager

Application

Meta Tag Manager

Date
Oct 22, 2025
Research Description
The Meta Tag Manager WordPress plugin before 3.3 does not restrict which roles can create http-equiv refresh meta tags.
Affected versions
max 3.3.
Status
vulnerable
Feb 03, 2025

Meta Tag Manager # CVE-2025-22260

CVE, Research URL

CVE-2025-22260

Home page URL

Security reports for Meta Tag Manager

Application

Meta Tag Manager

Date
Feb 03, 2025
Research Description
Missing Authorization vulnerability in Pixelite Meta Tag Manager. This issue affects Meta Tag Manager: from n/a through 3.1.
Affected versions
max 3.2.
Status
vulnerable
Jun 07, 2024

Meta Tag Manager # CVE-2024-1770

CVE, Research URL

CVE-2024-1770

Home page URL

Security reports for Meta Tag Manager

Application

Meta Tag Manager

Date
Mar 28, 2024
Research Description
The Meta Tag Manager plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.0.2 via deserialization of untrusted input in the get_post_data function. This makes it possible for authenticated attackers, with contributor access or higher, to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.
Affected versions
max 3.1.
Status
vulnerable

Meta Tag Manager # b0fcad47c22dee0f54e7ea6d2c9aa64411cb16dc

CVE, Research URL

b0fcad47c22dee0f54e7ea6d2c9aa64411cb16dc

Home page URL

Security reports for Meta Tag Manager

Application

Meta Tag Manager

Date
Jul 19, 2023
Research Description
Meta Tag Manager [meta-tag-manager] < 2.1 (closed) WordPress Meta Tag Manager Plugin <= 2.0.2 is vulnerable to Cross Site Scripting (XSS) Update the WordPress Meta Tag Manager plugin to the latest available version. Rafie Muhammad (Patchstack) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Meta Tag Manager Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 2.1.
Affected versions
max 2.1.
Status
vulnerable