2 matches found
CVE-2026-3072
The Media Library Assistant plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the mlaupdatecompatfieldsaction function in all versions up to, and including, 3.33. This makes it possible for authenticated attackers, with Subscriber-level...
CVE-2026-3072
CVE-2026-3072 affects the WordPress plugin Media Library Assistant (MLA) up to and including version 3.33. The vulnerability arises from a missing capability check in mla_update_compat_fields_action(), allowing authenticated attackers with Subscriber-level access or higher to modify taxonomy term...