cleantalk
Vulnerabilities and Security Researches

MDTF – Meta Data and Taxonomies Filter, fabccf344bbf726b6c62ff1e5a7cf2e3fe560ada

CVE, Research URL

fabccf344bbf726b6c62ff1e5a7cf2e3fe560ada

Home page URL

Security reports for MDTF – Meta Data and Taxonomies Filter

Application

MDTF – Meta Data and Taxonomies Filter

Published on
Jan 04, 2023
Research Description
MDTF &#8211; Meta Data and Taxonomies Filter [wp-meta-data-filter-and-taxonomy-filter] < 1.3.1 MDTF – Meta Data and Taxonomies Filter <= 1.3.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode in versions up to, and including, 1.3.0.1 due to insufficient input sanitization and output escaping on user supplied 'popup_title' attribute. This makes it possible for authenticated attackers with contributor level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page
Affected versions
max 1.3.1.
Status
vulnerable
Previous vulnerability researches
MDTF &#8211; Meta Data and Taxonomies Filter (CVE-2024-50451) , Oct 28, 2024
MDTF &#8211; Meta Data and Taxonomies Filter (CVE-2024-50450) , Oct 28, 2024
MDTF &#8211; Meta Data and Taxonomies Filter (CVE-2026-54843) , Jun 25, 2026
MDTF &#8211; Meta Data and Taxonomies Filter (CVE-2026-54845) , Jun 25, 2026
MDTF &#8211; Meta Data and Taxonomies Filter (CVE-2025-62069) , Nov 10, 2025
New vulnerability
Admin and Site Enhancements (ASE) , Jun 25, 2026
Advanced Google reCAPTCHA , Jun 25, 2026
Page Optimize , Jun 25, 2026
Image Optimizer by Elementor – Compress, Resize and Optimize Images , Jun 25, 2026
Facebook Chat Plugin &#8211; Live Chat Plugin for WordPress , Jun 25, 2026