Devowl

Real Media Library

4 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2024-2328

  • EPSS 0.21%
  • Veröffentlicht 02.05.2024 17:15:16
  • Zuletzt bearbeitet 06.05.2025 13:29:38

The Real Media Library: Media Library Folder & File Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image title and alt text in all versions up to, and including, 4.22.11 due to insufficient input sanitization and ou...

5.4

CVE-2024-2027

  • EPSS 0.2%
  • Veröffentlicht 09.04.2024 19:15:25
  • Zuletzt bearbeitet 06.05.2025 14:09:30

The Real Media Library: Media Library Folder & File Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its style attributes in all versions up to, and including, 4.22.7 due to insufficient input sanitization and output esca...

5.4

CVE-2023-0285

Exploit
  • EPSS 0.2%
  • Veröffentlicht 21.02.2023 09:15:12
  • Zuletzt bearbeitet 12.03.2025 16:15:18

The Real Media Library WordPress plugin before 4.18.29 does not sanitise and escape the created folder names, which could allow users with the role of author and above to perform Stored Cross-Site Scripting attacks.

5.4

CVE-2021-34668

  • EPSS 0.17%
  • Veröffentlicht 30.08.2021 19:15:08
  • Zuletzt bearbeitet 04.02.2026 19:02:55

The WordPress Real Media Library WordPress plugin is vulnerable to Stored Cross-Site Scripting via the name parameter in the ~/inc/overrides/lite/rest/Folder.php file which allows author-level attackers to inject arbitrary web scripts in folder names...