1043 matches found
CVE-2020-11731
The Media Library Assistant plugin before 2.82 for Wordpress suffers from multiple XSS vulnerabilities in all Settings/Media Library Assistant tabs, which allow remote authenticated users to execute arbitrary JavaScript...
Cross site scripting
The Media Library Assistant plugin before 2.82 for Wordpress suffers from multiple XSS vulnerabilities in all Settings/Media Library Assistant tabs, which allow remote authenticated users to execute arbitrary JavaScript...
Arbitrary file deletion
The Media Library Assistant plugin before 2.82 for Wordpress suffers from a Local File Inclusion vulnerability in mlagallery link=download...
CVE-2020-11731
CVE-2020-11731 affects the WordPress Media Library Assistant plugin prior to 2.82. Multiple XSS vulnerabilities exist in all Settings/Media Library Assistant tabs, enabling remote authenticated users to execute arbitrary JavaScript. Affected version range is WordPress Media Library Assistant plug...
CVE-2020-11731
The Media Library Assistant plugin before 2.82 for Wordpress suffers from multiple XSS vulnerabilities in all Settings/Media Library Assistant tabs, which allow remote authenticated users to execute arbitrary JavaScript...
CVE-2020-11732
The Media Library Assistant plugin before 2.82 for Wordpress suffers from a Local File Inclusion vulnerability in mlagallery link=download...
CVE-2020-11732
Concretely affected: WordPress Media Library Assistant plugin prior to 2.82. Root cause: local file inclusion via unsanitized mla_gallery link parameter (mla_gallery link=download), allowing unauthenticated access to include arbitrary local files. Impact: information disclosure; CVSSv3.1 base sco...
PT-2020-12812
Name of the Vulnerable Software and Affected Versions Media Library Assistant plugin versions prior to 2.82 Description The issue is related to a Local File Inclusion vulnerability. It affects the mla gallery link when set to download. Recommendations For versions prior to 2.82, update to version...
Media Library Assistant < 2.82 - Unauthenticated Limited Local File Inclusion
The Media Library Assistant plugin before 2.82 for WordPress suffers from a Local File Inclusion vulnerability in mlagallery link=download. PoC The LFI is restricted to the "wp-content" directory...
Media Library Assistant < 2.82 - Authenticated Stored Cross-Site Scripting (XSS)
The Media Library Assistant plugin before 2.82 for WordPress suffers from multiple XSS vulnerabilities in all Settings/Media Library Assistant tabs, which allow remote authenticated users to execute arbitrary JavaScript...
PT-2020-12811 · WordPress · Media Library Assistant
Name of the Vulnerable Software and Affected Versions: Media Library Assistant plugin versions prior to 2.82 Description: The issue affects the Media Library Assistant plugin for Wordpress, specifically in all Settings/Media Library Assistant tabs, where multiple XSS vulnerabilities are present...
WordPress Media Library Assistant 2.81 Local File Inclusion
Exploit Title: Wordpress Plugin Media Library Assistant 2.81 - Local File Inclusion Google Dork: N/A Date: 2020-04-13 Exploit Author: Daniel Monzón stark0de Vendor Homepage: http://davidlingren.com/ Software Link: https://wordpress.org/plugins/media-library-assistant/ Version: 2.81 Tested on:...
Wordpress Media Library Assistant 2.81 Plugin - Local File Inclusion Vulnerability
Exploit for php platform in category web applications Exploit Title: Wordpress Plugin Media Library Assistant 2.81 - Local File Inclusion Exploit Author: Daniel Monzón stark0de Vendor Homepage: http://davidlingren.com/ Software Link: https://wordpress.org/plugins/media-library-assistant/ Version:...
WordPress Media Library Assistant plugin <= 2.81 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Daniel Monzón stark0de in WordPress Media Library Assistant plugin versions = 2.81. Solution Update the WordPress Media Library Assistant plugin to the latest available version at least 2.82...
WordPress Media Library Assistant plugin <= 2.81 - Unauthenticated Limited Local File Inclusion (LFI) vulnerability
Unauthenticated Limited Local File Inclusion LFI vulnerability discovered by Daniel Monzón stark0de in WordPress Media Library Assistant plugin versions = 2.81. Solution Update the WordPress Media Library Assistant plugin to the latest available version at least 2.82...
UBUNTU-CVE-2020-6630
An issue was discovered in GPAC version 0.8.0. There is a NULL pointer dereference in the function gfisomgetmediadatasize in isomedia/isomread.c...
Drupal 8.7.x < 8.7.11 Multiple Vulnerabilities
According to its self-reported version number, the detected Drupal application is affected by multiple vulnerabilities : - The Drupal project uses the third-party library ArchiveTar, which has released a security update that impacts some Drupal configurations. Multiple vulnerabilities are possibl...
Drupal 8.8.x < 8.8.1 Multiple Vulnerabilities
According to its self-reported version number, the detected Drupal application is affected by multiple vulnerabilities : - The Drupal project uses the third-party library ArchiveTar, which has released a security update that impacts some Drupal configurations. Multiple vulnerabilities are possibl...
Drupal 7.x < 7.69 Multiple Vulnerabilities
According to its self-reported version number, the detected Drupal application is affected by multiple vulnerabilities : - The Drupal project uses the third-party library ArchiveTar, which has released a security update that impacts some Drupal configurations. Multiple vulnerabilities are possibl...
Authorization Bypass
drupal/drupal is vulnerable to authorization bypass. Lack of restriction to media items in the Media Library allows an attacker to bypass authorization in specific configurations of Drupal...