CVE-2021-20781: CSRF
First published: Wed Jul 14 2021(Updated: )
Cross-site request forgery (CSRF) vulnerability in WordPress Meta Data Filter & Taxonomies Filter versions prior to v.1.2.8 and versions prior to v.2.2.8 allows remote attackers to hijack the authentication of administrators via unspecified vectors.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Pluginus Wordpress Meta Data And Taxonomies Filter | <1.2.8 | |
| Pluginus Wordpress Meta Data And Taxonomies Filter | >=2.2.2<2.2.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2021-20781.
What is the severity of CVE-2021-20781?
The severity of CVE-2021-20781 is high, with a severity value of 8.8.
What is the affected software?
The affected software is Pluginus Wordpress Meta Data and Taxonomies Filter versions prior to v.1.2.8 and versions prior to v.2.2.8.
How can the vulnerability be exploited?
The vulnerability can be exploited through Cross-Site Request Forgery (CSRF) attacks.
Are there any fixes for this vulnerability?
Yes, there are fixes available by updating to Wordpress Meta Data and Taxonomies Filter versions v.1.2.8 and v.2.2.8 respectively.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/tags
- agent/type
- agent/event
- agent/severity
- agent/author
- agent/description
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- vendor/pluginus
- canonical/pluginus wordpress meta data and taxonomies filter
- version/pluginus wordpress meta data and taxonomies filter/2.2.2