Skip to main content
Echelon
Graph
Product
Directory
Enterprise
Compliance
Pulse
Exposures
AI Analyst
Compare
Docs
Login
Start Free
Pulse
›
Vendor Advisories
›
GitHub Security Advisories
›
GHSA-x48r-vwgp-xc93
GHSA-x48r-vwgp-xc93
Critical
CVSS
9.3
Unauthenticated SQL Injection in MDTF <= 1.3.7 versions.
Vendor
GitHub Security Advisories
Published
June 25, 2026
Last Modified
June 25, 2026
🔗 CVE IDs covered (1)
CVE-2026-54843 →
📋 Description
Unauthenticated SQL Injection in MDTF <= 1.3.7 versions.
🔗 References (3)
https://nvd.nist.gov/vuln/detail/CVE-2026-54843
https://patchstack.com/database/wordpress/plugin/wp-meta-data-filter-and-taxonomy-filter/vulnerability/wordpress-mdtf-plugin-1-3-7-sql-injection-vulnerability?_s_id=cve
https://github.com/advisories/GHSA-x48r-vwgp-xc93