8.5
CVE-2026-56012
- EPSS 0.21%
- Veröffentlicht 18.06.2026 14:02:38
- Zuletzt bearbeitet 18.06.2026 14:02:38
- Quelle 21595511-bba5-4825-b968-b78d1f
- CVE-Watchlists
- Unerledigt
WordPress Media LIbrary Assistant plugin <= 3.35 - SQL Injection vulnerability
Media Library Assistant <= 3.35 - Authenticated (Contributor+) SQL Injection
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David Lingren Media LIbrary Assistant allows Blind SQL Injection.
This issue affects Media LIbrary Assistant: from n/a through 3.35.Mögliche Gegenmaßnahme
Media Library Assistant: Update to version 3.36, or a newer patched version
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerDavid Lingren
≫
Produkt
Media LIbrary Assistant
Default Statusunaffected
Version <=
3.35
Version
n/a
Status
affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginWeitere Schwachstelleninformationen
SystemWordPress Plugin
≫
Produkt
Media Library Assistant
Version
*-3.35
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.21% | 0.112 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 21595511-bba5-4825-b968-b78d1f9984a3 | 8.5 | 0 | 0 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
|
https://patchstack.com/database/wordpress/plugin/media-library-assistant/vulnerability/wordpress-media-library-assistant-plugin-3-35-sql-injection-vulnerability?_s_id=cve
https://www.wordfence.com/threat-intel/vulnerabilities/id/14a84b47-b176-475f-b983-00416b603fc4