CVE-2023-28664 Information

Description

The Meta Data and Taxonomies Filter WordPress plugin in versions < 1.3.1 is affected by a reflected cross-site scripting vulnerability in the ’tax_name’ parameter of the mdf_get_tax_options_in_widget action which can only be triggered by an authenticated user.

Reference

https://www.tenable.com/security/research/tra-2023-3