4 matches found
CVE-2024-2328
CVE-2024-2328 – Real Media Library: the WordPress plugin Real Media Library (Lite) is vulnerable to Stored Cross-Site Scripting via image title/alt text. Root cause: insufficient input sanitization and output escaping in image metadata. Affected: all versions up to and including 4.22.11. Impact: authenticated attacke...
CVE-2024-2027
CVE-2024-2027 affects Real Media Library: Media Library Folder & File Manager (WordPress). Root cause: insufficient input sanitization and output escaping in style attributes, enabling Stored XSS. Affected versions: all up to and including 4.22.7. Impact: authenticated attackers with contributor+...
CVE-2023-0285
CVE-2023-0285 affects the Real Media Library WordPress plugin. Versions prior to 4.18.29 do not sanitize/escape created folder names, enabling Stored XSS by users with author+ privileges. Impact: stored cross-site scripting with low/moderate severity (CVSS 3.1, base 5.4). Mitigation: upgrade to p...
CVE-2021-34668
Summary of CVE-2021-34668 (WordPress Real Media Library Lite). Affected software: WordPress Real Media Library Lite plugin (WordPress Real Media Library) up to and including version 4.14.1. Vulnerability: Stored Cross-Site Scripting (XSS) via the name parameter in the file path ~/inc/overrides/lite...