Realmag777 Mdtf vulnerabilities
7 known vulnerabilities affecting realmag777/mdtf.
Total CVEs
7
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2MEDIUM5
Vulnerabilities
Page 1 of 1
CVE-2025-54707P2CRITICALCVSS 9.3≤ 1.3.3.72025-08-14
CVE-2025-54707 [CRITICAL] CWE-89 CVE-2025-54707: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allows SQL Injection.This issue affects MDTF: from n/a through <= 1.3.3.7.
nvd
CVE-2024-50450P3CRITICALCVSS 9.8≤ 1.3.3.42024-10-28
CVE-2024-50450 [CRITICAL] CWE-94 CVE-2024-50450: Improper Control of Generation of Code ('Code Injection') vulnerability in RealMag777 MDTF wp-meta-d
Improper Control of Generation of Code ('Code Injection') vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allows Code Injection.This issue affects MDTF: from n/a through <= 1.3.3.4.
nvd
CVE-2025-62964P4MEDIUMCVSS 5.3≤ 1.3.62025-10-27
CVE-2025-62964 [MEDIUM] CWE-862 CVE-2025-62964: Missing Authorization vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allow
Missing Authorization vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MDTF: from n/a through <= 1.3.6.
nvd
CVE-2025-62069P4MEDIUMCVSS 6.5≤ 1.3.3.82025-10-22
CVE-2025-62069 [MEDIUM] CWE-79 CVE-2025-62069: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter.This issue affects MDTF: from n/a through <= 1.3.3.8.
nvd
CVE-2026-32455P4MEDIUMCVSS 6.5≤ 1.3.52026-03-13
CVE-2026-32455 [MEDIUM] CWE-79 CVE-2026-32455: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allows DOM-Based XSS.This issue affects MDTF: from n/a through <= 1.3.5.
nvd
CVE-2024-50451P4MEDIUMCVSS 5.4≤ 1.3.3.42024-10-28
CVE-2024-50451 [MEDIUM] CWE-79 CVE-2024-50451: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter.This issue affects MDTF: from n/a through <= 1.3.3.4.
nvd
CVE-2025-49907P4MEDIUMCVSS 4.3≤ 1.3.3.92025-10-22
CVE-2025-49907 [MEDIUM] CWE-862 CVE-2025-49907: Missing Authorization vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allow
Missing Authorization vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MDTF: from n/a through <= 1.3.3.9.
nvd