Media Library Assistant Security Vulnerabilities and Issues — Media Library Assistant CVE List

Lucene search

DavidlingrenMedia Library Assistant

3 matches found

CVE•added 2020/04/20 12:15 a.m.•156 views

CVE-2020-11928

In the media-library-assistant plugin before 2.82 for WordPress, Remote Code Execution can occur via the tax_query, meta_query, or date_query parameter in mla_gallery via an admin.

9.8CVSS9.7AI score0.0755EPSS

CVE•added 2020/04/13 2:15 a.m.•112 views

CVE-2020-11731

The Media Library Assistant plugin before 2.82 for Wordpress suffers from multiple XSS vulnerabilities in all Settings/Media Library Assistant tabs, which allow remote authenticated users to execute arbitrary JavaScript.

6.1CVSS6.4AI score0.00431EPSS

Web

CVE•added 2020/04/13 2:15 a.m.•112 views

CVE-2020-11732

The Media Library Assistant plugin before 2.82 for Wordpress suffers from a Local File Inclusion vulnerability in mla_gallery link=download.

7.5CVSS7.4AI score0.0108EPSS

Web