Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/10/19 5:42 a.m.11 views

CVE-2025-11738

The Media Library Assistant plugin for WordPress is vulnerable to limited file reading in all versions up to, and including, 3.29 via the mla-stream-image.php file. This makes it possible for unauthenticated attackers to read the contents of arbitrary ai/eps/pdf/ps files on the server, which can...

5.3CVSS6.1AI score0.00375EPSS
Exploits0References1
NVD
NVD
added 2025/10/18 6:15 a.m.4 views

CVE-2025-11738

The Media Library Assistant plugin for WordPress is vulnerable to limited file reading in all versions up to, and including, 3.29 via the mla-stream-image.php file. This makes it possible for unauthenticated attackers to read the contents of arbitrary ai/eps/pdf/ps files on the server, which can...

5.3CVSS0.00375EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/18 5:41 a.m.10 views

CVE-2025-11738 Media Library Assistant <= 3.29 - Unauthenticated Limited File Read

The Media Library Assistant plugin for WordPress is vulnerable to limited file reading in all versions up to, and including, 3.29 via the mla-stream-image.php file. This makes it possible for unauthenticated attackers to read the contents of arbitrary ai/eps/pdf/ps files on the server, which can...

5.3CVSS0.00375EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/18 5:41 a.m.3 views

CVE-2025-11738 Media Library Assistant <= 3.29 - Unauthenticated Limited File Read

The Media Library Assistant plugin for WordPress is vulnerable to limited file reading in all versions up to, and including, 3.29 via the mla-stream-image.php file. This makes it possible for unauthenticated attackers to read the contents of arbitrary ai/eps/pdf/ps files on the server, which can...

5.3CVSS5.6AI score0.00375EPSS
Exploits0References3
CVE
CVE
added 2025/10/18 5:41 a.m.21 views

CVE-2025-11738

CVE-2025-11738 affects the WordPress Media Library Assistant plugin (versions up to 3.29). The vulnerability allows unauthenticated attackers to read arbitrary ai/eps/pdf/ps files on the server via mla-stream-image.php, exposing sensitive information. Wordfence’s vulnerability briefing confirms a...

5.3CVSS5.7AI score0.00375EPSS
Exploits0References3
OSV
OSV
added 2025/09/29 11:34 a.m.6 views

CLSA-2025-1759145639 Fix CVE(s): CVE-2025-53019

SECURITY UPDATE: memory leak when specifying multiple %d format specifiers in filename template - debian/patches/CVE-2025-53019.patch: Fix memory leak when entering StreamImage multiple times - CVE-2025-53019...

7.5CVSS5.8AI score0.00466EPSS
Exploits0References1
Rows per page
Query Builder