cleantalk
Vulnerabilities and Security Researches

MDTF – Meta Data and Taxonomies Filter, CVE-2023-28664

CVE, Research URL

CVE-2023-28664

Home page URL

Security reports for MDTF – Meta Data and Taxonomies Filter

Application

MDTF – Meta Data and Taxonomies Filter

Published on
Mar 23, 2023
Research Description
The Meta Data and Taxonomies Filter WordPress plugin, in versions < 1.3.1, is affected by a reflected cross-site scripting vulnerability in the 'tax_name' parameter of the mdf_get_tax_options_in_widget action, which can only be triggered by an authenticated user.
Affected versions
max 1.3.1.
Status
vulnerable
Previous vulnerability researches
MDTF &#8211; Meta Data and Taxonomies Filter (CVE-2024-50451) , Oct 28, 2024
MDTF &#8211; Meta Data and Taxonomies Filter (CVE-2024-50450) , Oct 28, 2024
MDTF &#8211; Meta Data and Taxonomies Filter (CVE-2025-62069) , Nov 10, 2025
MDTF &#8211; Meta Data and Taxonomies Filter (CVE-2025-62964) , Nov 10, 2025
MDTF &#8211; Meta Data and Taxonomies Filter (CVE-2025-49907) , Nov 10, 2025
New vulnerability
Email Tracker – Email Tracking Plugin to track Emails for Open and Email Links Click (Compatible with WooCommerce) (CVE-2025-10047) , Nov 11, 2025
Advanced Ads – Ad Manager &amp; AdSense (CVE-2025-10487) , Nov 11, 2025
Social proof testimonials and reviews by Repuso (CVE-2025-62071) , Nov 11, 2025
Error Log Viewer by BestWebSoft (CVE-2025-9950) , Nov 11, 2025
Fidelo Snippet (CVE-2025-53351) , Nov 11, 2025