Lucene search
+L

1043 matches found

NVD
NVD
added 2020/04/13 2:15 a.m.26 views

CVE-2020-11731

The Media Library Assistant plugin before 2.82 for Wordpress suffers from multiple XSS vulnerabilities in all Settings/Media Library Assistant tabs, which allow remote authenticated users to execute arbitrary JavaScript...

6.1CVSS6.3AI score0.01154EPSS
Exploits3References1
Prion
Prion
added 2020/04/13 2:15 a.m.18 views

Cross site scripting

The Media Library Assistant plugin before 2.82 for Wordpress suffers from multiple XSS vulnerabilities in all Settings/Media Library Assistant tabs, which allow remote authenticated users to execute arbitrary JavaScript...

4.3CVSS6.5AI score0.01154EPSS
Exploits3References1Affected Software1
Prion
Prion
added 2020/04/13 2:15 a.m.16 views

Arbitrary file deletion

The Media Library Assistant plugin before 2.82 for Wordpress suffers from a Local File Inclusion vulnerability in mlagallery link=download...

5CVSS7.5AI score0.04917EPSS
Exploits4References1Affected Software1
CVE
CVE
added 2020/04/13 1:2 a.m.129 views

CVE-2020-11731

CVE-2020-11731 affects the WordPress Media Library Assistant plugin prior to 2.82. Multiple XSS vulnerabilities exist in all Settings/Media Library Assistant tabs, enabling remote authenticated users to execute arbitrary JavaScript. Affected version range is WordPress Media Library Assistant plug...

6.1CVSS6.4AI score0.01154EPSS
Exploits3References1Affected Software1
Cvelist
Cvelist
added 2020/04/13 1:2 a.m.41 views

CVE-2020-11731

The Media Library Assistant plugin before 2.82 for Wordpress suffers from multiple XSS vulnerabilities in all Settings/Media Library Assistant tabs, which allow remote authenticated users to execute arbitrary JavaScript...

6.6AI score0.01154EPSS
Exploits3References1
Cvelist
Cvelist
added 2020/04/13 1:2 a.m.51 views

CVE-2020-11732

The Media Library Assistant plugin before 2.82 for Wordpress suffers from a Local File Inclusion vulnerability in mlagallery link=download...

7.5AI score0.04917EPSS
Exploits4References1
CVE
CVE
added 2020/04/13 1:2 a.m.136 views

CVE-2020-11732

Concretely affected: WordPress Media Library Assistant plugin prior to 2.82. Root cause: local file inclusion via unsanitized mla_gallery link parameter (mla_gallery link=download), allowing unauthenticated access to include arbitrary local files. Impact: information disclosure; CVSSv3.1 base sco...

7.5CVSS7.4AI score0.04917EPSS
Exploits4References1Affected Software1
Positive Technologies
Positive Technologies
added 2020/04/13 12:0 a.m.6 views

PT-2020-12812

Name of the Vulnerable Software and Affected Versions Media Library Assistant plugin versions prior to 2.82 Description The issue is related to a Local File Inclusion vulnerability. It affects the mla gallery link when set to download. Recommendations For versions prior to 2.82, update to version...

7.5CVSS7.6AI score0.04917EPSS
Exploits4References5
WPVulnDB
WPVulnDB
added 2020/04/13 12:0 a.m.21 views

Media Library Assistant < 2.82 - Unauthenticated Limited Local File Inclusion

The Media Library Assistant plugin before 2.82 for WordPress suffers from a Local File Inclusion vulnerability in mlagallery link=download. PoC The LFI is restricted to the "wp-content" directory...

5CVSS2.3AI score0.04917EPSS
Exploits4References3Affected Software1
WPVulnDB
WPVulnDB
added 2020/04/13 12:0 a.m.19 views

Media Library Assistant < 2.82 - Authenticated Stored Cross-Site Scripting (XSS)

The Media Library Assistant plugin before 2.82 for WordPress suffers from multiple XSS vulnerabilities in all Settings/Media Library Assistant tabs, which allow remote authenticated users to execute arbitrary JavaScript...

4.3CVSS5.9AI score0.01154EPSS
Exploits3References2Affected Software1
Positive Technologies
Positive Technologies
added 2020/04/13 12:0 a.m.7 views

PT-2020-12811 · WordPress · Media Library Assistant

Name of the Vulnerable Software and Affected Versions: Media Library Assistant plugin versions prior to 2.82 Description: The issue affects the Media Library Assistant plugin for Wordpress, specifically in all Settings/Media Library Assistant tabs, where multiple XSS vulnerabilities are present...

6.1CVSS6.4AI score0.01154EPSS
Exploits3References4
Packet Storm
Packet Storm
added 2020/04/13 12:0 a.m.131 views

WordPress Media Library Assistant 2.81 Local File Inclusion

Exploit Title: Wordpress Plugin Media Library Assistant 2.81 - Local File Inclusion Google Dork: N/A Date: 2020-04-13 Exploit Author: Daniel Monzón stark0de Vendor Homepage: http://davidlingren.com/ Software Link: https://wordpress.org/plugins/media-library-assistant/ Version: 2.81 Tested on:...

5CVSS0.3AI score0.04917EPSS
Exploits4
0day.today
0day.today
added 2020/04/13 12:0 a.m.51 views

Wordpress Media Library Assistant 2.81 Plugin - Local File Inclusion Vulnerability

Exploit for php platform in category web applications Exploit Title: Wordpress Plugin Media Library Assistant 2.81 - Local File Inclusion Exploit Author: Daniel Monzón stark0de Vendor Homepage: http://davidlingren.com/ Software Link: https://wordpress.org/plugins/media-library-assistant/ Version:...

0.2AI score0.04917EPSS
Exploits4
Patchstack
Patchstack
added 2020/04/13 12:0 a.m.22 views

WordPress Media Library Assistant plugin <= 2.81 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Daniel Monzón stark0de in WordPress Media Library Assistant plugin versions = 2.81. Solution Update the WordPress Media Library Assistant plugin to the latest available version at least 2.82...

6.1CVSS3.7AI score0.01154EPSS
Exploits3References3Affected Software1
Patchstack
Patchstack
added 2020/04/13 12:0 a.m.25 views

WordPress Media Library Assistant plugin <= 2.81 - Unauthenticated Limited Local File Inclusion (LFI) vulnerability

Unauthenticated Limited Local File Inclusion LFI vulnerability discovered by Daniel Monzón stark0de in WordPress Media Library Assistant plugin versions = 2.81. Solution Update the WordPress Media Library Assistant plugin to the latest available version at least 2.82...

7.5CVSS4.1AI score0.04917EPSS
Exploits4References3Affected Software1
OSV
OSV
added 2020/01/09 2:15 a.m.4 views

UBUNTU-CVE-2020-6630

An issue was discovered in GPAC version 0.8.0. There is a NULL pointer dereference in the function gfisomgetmediadatasize in isomedia/isomread.c...

5.5CVSS5.8AI score0.0078EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2020/01/08 12:0 a.m.14 views

Drupal 8.7.x < 8.7.11 Multiple Vulnerabilities

According to its self-reported version number, the detected Drupal application is affected by multiple vulnerabilities : - The Drupal project uses the third-party library ArchiveTar, which has released a security update that impacts some Drupal configurations. Multiple vulnerabilities are possibl...

7.3AI score
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2020/01/08 12:0 a.m.12 views

Drupal 8.8.x < 8.8.1 Multiple Vulnerabilities

According to its self-reported version number, the detected Drupal application is affected by multiple vulnerabilities : - The Drupal project uses the third-party library ArchiveTar, which has released a security update that impacts some Drupal configurations. Multiple vulnerabilities are possibl...

7.3AI score
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2020/01/08 12:0 a.m.12 views

Drupal 7.x < 7.69 Multiple Vulnerabilities

According to its self-reported version number, the detected Drupal application is affected by multiple vulnerabilities : - The Drupal project uses the third-party library ArchiveTar, which has released a security update that impacts some Drupal configurations. Multiple vulnerabilities are possibl...

7.3AI score
Exploits0References5
Veracode
Veracode
added 2019/12/23 4:7 a.m.8 views

Authorization Bypass

drupal/drupal is vulnerable to authorization bypass. Lack of restriction to media items in the Media Library allows an attacker to bypass authorization in specific configurations of Drupal...

4.7AI score
Exploits0
Rows per page
Query Builder