cleantalk
Vulnerabilities and Security Researches

MDTF – Meta Data and Taxonomies Filter, CVE-2023-28664

CVE, Research URL

CVE-2023-28664

Home page URL

Security reports for MDTF – Meta Data and Taxonomies Filter

Application

MDTF – Meta Data and Taxonomies Filter

Published on
Mar 23, 2023
Research Description
The Meta Data and Taxonomies Filter WordPress plugin, in versions < 1.3.1, is affected by a reflected cross-site scripting vulnerability in the 'tax_name' parameter of the mdf_get_tax_options_in_widget action, which can only be triggered by an authenticated user.
Affected versions
Min -, max 1.3.1.
Status
vulnerable
Previous vulnerability researches
MDTF &#8211; Meta Data and Taxonomies Filter (CVE-2024-50451) , Oct 28, 2024
MDTF &#8211; Meta Data and Taxonomies Filter (CVE-2024-50450) , Oct 28, 2024
MDTF &#8211; Meta Data and Taxonomies Filter (CVE-2024-29906) , Jun 06, 2024
MDTF &#8211; Meta Data and Taxonomies Filter (CVE-2024-29763) , Jun 06, 2024
MDTF &#8211; Meta Data and Taxonomies Filter (CVE-2024-34434) , Jun 06, 2024
New vulnerability
Linux Promotional Plugin (CVE-2025-7668) , Aug 17, 2025
Poll Maker &#8211; Best WordPress Poll Plugin (CVE-2024-12575) , Aug 17, 2025
Add User Meta (CVE-2025-7688) , Aug 17, 2025
User Profile Builder &#8211; Beautiful User Registration Forms, User Profiles &amp; User Role Editor (CVE-2025-8896) , Aug 17, 2025
RSS Feed Pro (CVE-2025-53581) , Aug 17, 2025