cvedb.io
CVE-2023-28664
MEDIUM · CVSS 5.4
EPSS exploitation probability: 0%
Published 2023-03-22T21:15:19.023 · Last modified 2026-06-17T05:48:30.207

Summary

The Meta Data and Taxonomies Filter WordPress plugin, in versions < 1.3.1, is affected by a reflected cross-site scripting vulnerability in the 'tax_name' parameter of the mdf_get_tax_options_in_widget action, which can only be triggered by an authenticated user.

Affected products

pluginus — wordpress_meta_data_and_taxonomies_filter

Does this affect you?

Add your gear to cvedb and we'll alert you only when pluginus ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.