CVE-2024-34434

WordPress MDTF – Meta Data and Taxonomies Filter plugin <= 1.3.3.2 - Arbitrary Shortcode Execution vulnerability

CVSS 6.5 MEDIUMEPSS 0.3%CWE-863

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 6.5EPSS 0.3%KEV nãoPoC —Patch —

Lifecycle

May 17, 2024Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Incorrect Authorization vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Code Inclusion, Functionality Misuse.This issue affects WordPress Meta Data and Taxonomies Filter (MDTF): from n/a through 1.3.3.2.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Affected products

realmag777 · WordPress Meta Data and Taxonomies Filter (MDTF)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://patchstack.com/database/vulnerability/wp-meta-data-filter-and-taxonomy-filter/wordpress-mdtf-meta-data-and-taxonomies-filter-plugin-1-3-3-2-arbitrary-shortcode-execution-vulnerability?_s_id=cve