Search
Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-34010 | 1 Davidlingren | 1 Media Library Assistant | 2023-08-09 | N/A | 6.1 MEDIUM |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in submodule of David Lingren Media Library Assistant plugin <= 3.0.7 versions. | |||||
| CVE-2020-11732 | 1 Davidlingren | 1 Media Library Assistant | 2023-08-07 | 5.0 MEDIUM | 7.5 HIGH |
| The Media Library Assistant plugin before 2.82 for Wordpress suffers from a Local File Inclusion vulnerability in mla_gallery link=download. | |||||
| CVE-2022-41618 | 1 Davidlingren | 1 Media Library Assistant | 2023-08-07 | N/A | 5.3 MEDIUM |
| Unauthenticated Error Log Disclosure vulnerability in Media Library Assistant plugin <= 3.00 on WordPress. | |||||
| CVE-2020-11928 | 1 Davidlingren | 1 Media Library Assistant | 2023-08-07 | 7.5 HIGH | 9.8 CRITICAL |
| In the media-library-assistant plugin before 2.82 for WordPress, Remote Code Execution can occur via the tax_query, meta_query, or date_query parameter in mla_gallery via an admin. | |||||
| CVE-2020-11731 | 1 Davidlingren | 1 Media Library Assistant | 2023-08-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Media Library Assistant plugin before 2.82 for Wordpress suffers from multiple XSS vulnerabilities in all Settings/Media Library Assistant tabs, which allow remote authenticated users to execute arbitrary JavaScript. | |||||
| CVE-2018-20982 | 1 Davidlingren | 1 Media Library Assistant | 2023-08-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| The media-library-assistant plugin before 2.74 for WordPress has XSS via the Media/Assistant or Settings/Media Library assistant admin submenu screens. | |||||