WordPress · Wordpress Meta Data/Taxonomies Filter · CVE-2021-20781
Name of the Vulnerable Software and Affected Versions:
WordPress Meta Data Filter & Taxonomies Filter versions prior to 1.2.8
WordPress Meta Data Filter & Taxonomies Filter versions prior to 2.2.8
Description:
A cross-site request forgery (CSRF) issue allows remote attackers to hijack the authentication of administrators via unspecified vectors. This can lead to unauthorized access and actions on behalf of the administrators.
Recommendations:
For versions prior to 1.2.8, update to version 1.2.8 or later.
For versions prior to 2.2.8, update to version 2.2.8 or later.
As a temporary workaround, consider implementing additional authentication checks to minimize the risk of exploitation.