CVE-2024-29906 in WordPress Meta Data and Taxonomies Filter Plugininfo

Summary

by MITRE • 03/27/2024

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Stored XSS.This issue affects WordPress Meta Data and Taxonomies Filter (MDTF): from n/a through 1.3.2.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Analysis

by VulDB Data Team • 04/12/2025

The CVE-2024-29906 vulnerability represents a critical cross-site scripting flaw within the WordPress Meta Data and Taxonomies Filter (MDTF) plugin, specifically impacting versions ranging from an unspecified initial version through 1.3.2. This vulnerability falls under the well-established CWE-79 category for improper neutralization of input during web page generation, making it a classic stored XSS attack vector. The flaw occurs when user input is not properly sanitized or escaped before being rendered in web pages, allowing malicious scripts to be permanently stored on the server and subsequently executed in the context of other users' browsers. The MDTF plugin's failure to adequately process user-supplied data during metadata and taxonomy filtering operations creates an environment where attackers can inject malicious JavaScript code that persists across sessions and affects multiple users.

The technical exploitation of this vulnerability enables attackers to execute arbitrary scripts within the browser context of authenticated users who view affected content. When users interact with the plugin's functionality, particularly during metadata or taxonomy filtering operations, the malicious input is processed and stored without proper sanitization mechanisms. This stored malicious content then gets served to other users who access the same pages, creating a persistent threat vector that can be leveraged for session hijacking, credential theft, or redirection to malicious sites. The vulnerability's impact is amplified by the fact that it affects the core functionality of WordPress taxonomy and metadata handling, which are fundamental components used across numerous websites and applications.

From an operational standpoint, this vulnerability poses significant risks to WordPress site administrators and end-users alike. The stored nature of the XSS attack means that once an attacker successfully injects malicious code, it will persistently affect all users who access the affected pages until the malicious content is removed or the plugin is updated. This creates a window of opportunity for attackers to harvest session cookies, steal user credentials, or redirect users to phishing sites. The vulnerability's presence in a widely-used plugin like MDTF increases the attack surface significantly, as compromised sites can serve as launching points for broader attacks within network environments. Security practitioners should note that this vulnerability aligns with ATT&CK technique T1531 for bypassing security controls and T1203 for exploitation for privilege escalation.

Mitigation strategies for CVE-2024-29906 should prioritize immediate plugin updates to version 1.3.3 or later, which contain the necessary patches to address the XSS vulnerability. Organizations should implement comprehensive input validation and output escaping mechanisms throughout their WordPress installations, particularly in areas where user-generated content is processed and displayed. Regular security audits of installed plugins and themes should be conducted to identify and remediate similar vulnerabilities. Network monitoring solutions should be configured to detect and alert on suspicious script execution patterns that might indicate XSS exploitation attempts. Additionally, implementing content security policies and using security headers can provide additional layers of protection against successful exploitation attempts. The vulnerability underscores the critical importance of maintaining up-to-date WordPress core installations and plugins, as well as the necessity of following security best practices such as principle of least privilege and regular security assessments to prevent similar incidents from occurring in the future.

Responsible

Patchstack

Reservation

03/21/2024

Disclosure

03/27/2024

Moderation

accepted

CPE

ready

EPSS

0.00334

KEV

no

Activities

very low

Sources

Interested in the pricing of exploits?

See the underground prices here!