Search
Search Results (25 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-24385 | 1 Davidlingren | 1 Media Library Assistant | 2024-11-21 | 5.9 Medium |
| Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in David Lingren Media Library Assistant plugin <= 3.11 versions. | ||||
| CVE-2020-11928 | 1 Davidlingren | 1 Media Library Assistant | 2024-11-21 | 9.8 Critical |
| In the media-library-assistant plugin before 2.82 for WordPress, Remote Code Execution can occur via the tax_query, meta_query, or date_query parameter in mla_gallery via an admin. | ||||
| CVE-2020-11732 | 1 Davidlingren | 1 Media Library Assistant | 2024-11-21 | 7.5 High |
| The Media Library Assistant plugin before 2.82 for Wordpress suffers from a Local File Inclusion vulnerability in mla_gallery link=download. | ||||
| CVE-2020-11731 | 1 Davidlingren | 1 Media Library Assistant | 2024-11-21 | 6.1 Medium |
| The Media Library Assistant plugin before 2.82 for Wordpress suffers from multiple XSS vulnerabilities in all Settings/Media Library Assistant tabs, which allow remote authenticated users to execute arbitrary JavaScript. | ||||
| CVE-2018-20982 | 1 Davidlingren | 1 Media Library Assistant | 2024-11-21 | N/A |
| The media-library-assistant plugin before 2.74 for WordPress has XSS via the Media/Assistant or Settings/Media Library assistant admin submenu screens. | ||||