Forum Navigation
You need to log-in to create request (topic) to the support
WordFence - The Plugin "MDTF - Meta Data & Taxonomies Filter" has a security vulnerability.
The support doesn work on Saturdays and Sundays, so some Friday requests can be answered on Monday. If you have problems with registration ask help on contact us page pleaseIf you not got email within 24~36 business hours, firstly check your spam box, and if no any email from the support there - back to the forum and read answer here. DO NOT ANSWER ON EMAILS [noreply@pluginus.net] FROM THE FORUM!! Emails are just for your info, all answers should be published only here.
The support doesn work on Saturdays and Sundays, so some Friday requests can be answered on Monday.
March 20, 2023, 13:52
WordFence gives the following message but I'm already on the latest version 1.3.1.
There is no version 2.2.8 as they're recommending.
- Issue Found March 18, 2023 6:35 pmCritical
The Meta Data Filter & Taxonomies Filter plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions versions prior to v.2.2.8. This is due to missing or incorrect nonce validation on the draw_settings_page() function. This makes it possible for unauthenticated attackers to inject malicious JavaScript via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
March 21, 2023, 10:53
Hello
This is an old version of the plugin. This vulnerability has been fixed for a long time.
1.3.1 - Yes, this is the latest (fixed) version.