Lucene search
K

3 matches found

Vulnrichment
Vulnrichment
added 2026/02/14 11:24 a.m.3 views

CVE-2026-2312 Media Library Folders <= 8.3.6 - Insecure Direct Object Reference to Authenticated (Author+) Arbitrary Attachment Deletion and Rename

The Media Library Folders plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 8.3.6 via the deletemaxgalleriamedia and maxgalleriarenameimage functions due to missing validation on a user controlled key. This makes it possible for...

4.3CVSS5.5AI score0.00209EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/14 11:24 a.m.26 views

CVE-2026-2312 Media Library Folders <= 8.3.6 - Insecure Direct Object Reference to Authenticated (Author+) Arbitrary Attachment Deletion and Rename

The Media Library Folders plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 8.3.6 via the deletemaxgalleriamedia and maxgalleriarenameimage functions due to missing validation on a user controlled key. This makes it possible for...

4.3CVSS0.00209EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/02/13 11:55 p.m.8 views

WordPress Media Library Folders plugin <= 8.3.6 - Insecure Direct Object Reference to Authenticated (Author+) Arbitrary Attachment Deletion and Rename vulnerability

Insecure Direct Object Reference to Authenticated Author+ Arbitrary Attachment Deletion and Rename vulnerability discovered by shivanandsnaidu - naidu computers in WordPress Plugin Media Library Folders versions = 8.3.6...

4.3CVSS5.5AI score0.00209EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder