3 matches found
CVE-2024-2328
CVE-2024-2328 – Real Media Library: the WordPress plugin Real Media Library (Lite) is vulnerable to Stored Cross-Site Scripting via image title/alt text. Root cause: insufficient input sanitization and output escaping in image metadata. Affected: all versions up to and including 4.22.11. Impact: authenticated attacke...
CVE-2024-2027
CVE-2024-2027 affects Real Media Library: Media Library Folder & File Manager (WordPress). Root cause: insufficient input sanitization and output escaping in style attributes, enabling Stored XSS. Affected versions: all up to and including 4.22.7. Impact: authenticated attackers with contributor+...
CVE-2023-0285
CVE-2023-0285 affects the Real Media Library WordPress plugin. Versions prior to 4.18.29 do not sanitize/escape created folder names, enabling Stored XSS by users with author+ privileges. Impact: stored cross-site scripting with low/moderate severity (CVSS 3.1, base 5.4). Mitigation: upgrade to p...