Cross-site request forgery (CSRF) vulnerability in WordPress Meta Data Filter & Taxonomies Filter versions prior to v.1.2.8 and versions prior to v.2.2.8 allows remote attackers to hijack the authentication of administrators via unspecified vectors.
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
Link | Tags |
---|---|
https://wp-filter.com/update-v-2-2-8-v-1-2-8/ | vendor advisory |
https://wp-filter.com/ | product vendor advisory |
https://jvn.jp/en/jp/JVN48413554/index.html | third party advisory |