Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
davidlingren media library assistant vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-24385
Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in David Lingren Media Library Assistant plugin <= 3.11 versions.
Davidlingren Media Library Assistant
NA
CVE-2023-4716
The Media Library Assistant plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'mla_gallery' shortcode in versions up to, and including, 3.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it pos...
Davidlingren Media Library Assistant
NA
CVE-2023-4634
The Media Library Assistant plugin for WordPress is vulnerable to Local File Inclusion and Remote Code Execution in versions up to, and including, 3.09. This is due to insufficient controls on file paths being supplied to the 'mla_stream_file' parameter from the ~/inclu...
Davidlingren Media Library Assistant
2 Github repositories
NA
CVE-2023-34010
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in submodule of David Lingren Media Library Assistant plugin <= 3.0.7 versions.
Davidlingren Media Library Assistant
NA
CVE-2022-41618
Unauthenticated Error Log Disclosure vulnerability in Media Library Assistant plugin <= 3.00 on WordPress.
Davidlingren Media Library Assistant
7.5
CVSSv2
CVE-2020-11928
In the media-library-assistant plugin prior to 2.82 for WordPress, Remote Code Execution can occur via the tax_query, meta_query, or date_query parameter in mla_gallery via an admin.
Davidlingren Media Library Assistant
4.3
CVSSv2
CVE-2020-11731
The Media Library Assistant plugin prior to 2.82 for Wordpress suffers from multiple XSS vulnerabilities in all Settings/Media Library Assistant tabs, which allow remote authenticated users to execute arbitrary JavaScript.
Davidlingren Media Library Assistant
5
CVSSv2
CVE-2020-11732
The Media Library Assistant plugin prior to 2.82 for Wordpress suffers from a Local File Inclusion vulnerability in mla_gallery link=download.
Davidlingren Media Library Assistant
4.3
CVSSv2
CVE-2018-20982
The media-library-assistant plugin prior to 2.74 for WordPress has XSS via the Media/Assistant or Settings/Media Library assistant admin submenu screens.
Davidlingren Media Library Assistant
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started