Davidlingren

Media Library Assistant

27 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.5

CVE-2026-56012

  • EPSS 0.21%
  • Veröffentlicht 18.06.2026 14:02:38
  • Zuletzt bearbeitet 18.06.2026 14:02:38

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David Lingren Media LIbrary Assistant allows Blind SQL Injection. This issue affects Media LIbrary Assistant: from n/a through 3.35.

7.1

CVE-2026-54198

  • EPSS 0.15%
  • Veröffentlicht 16.06.2026 09:00:38
  • Zuletzt bearbeitet 16.06.2026 14:52:36

Unauthenticated Cross Site Scripting (XSS) in Media LIbrary Assistant <= 3.35 versions.

6.5

CVE-2026-34897

  • EPSS 0.18%
  • Veröffentlicht 06.04.2026 14:50:48
  • Zuletzt bearbeitet 24.04.2026 18:08:35

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David Lingren Media LIbrary Assistant allows Stored XSS.This issue affects Media LIbrary Assistant: from n/a through 3.34.

8.5

CVE-2026-34885

  • EPSS 1.67%
  • Veröffentlicht 06.04.2026 14:47:31
  • Zuletzt bearbeitet 24.04.2026 18:08:35

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David Lingren Media LIbrary Assistant allows SQL Injection.This issue affects Media LIbrary Assistant: from n/a through 3.34.

8.5

CVE-2026-32399

  • EPSS 0.23%
  • Veröffentlicht 13.03.2026 11:42:12
  • Zuletzt bearbeitet 22.04.2026 21:30:26

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David Lingren Media LIbrary Assistant media-library-assistant allows Blind SQL Injection.This issue affects Media LIbrary Assistant: from n/a throug...

5.3

CVE-2025-63065

  • EPSS 0.31%
  • Veröffentlicht 09.12.2025 14:52:34
  • Zuletzt bearbeitet 27.04.2026 19:16:20

Authorization Bypass Through User-Controlled Key vulnerability in David Lingren Media LIbrary Assistant media-library-assistant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Media LIbrary Assistant: from n...

5.9

CVE-2025-59590

  • EPSS 0.17%
  • Veröffentlicht 22.09.2025 19:16:27
  • Zuletzt bearbeitet 23.04.2026 15:34:06

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David Lingren Media LIbrary Assistant media-library-assistant allows Stored XSS.This issue affects Media LIbrary Assistant: from n/a through <= 3.28...

5.4

CVE-2025-7035

  • EPSS 0.27%
  • Veröffentlicht 16.07.2025 09:22:56
  • Zuletzt bearbeitet 23.07.2025 19:14:56

The Media Library Assistant plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's mla_tag_cloud and mla_term_list shortcodes in all versions up to, and including, 3.26 due to insufficient input sanitization and output esc...

5.9

CVE-2025-31627

  • EPSS 0.2%
  • Veröffentlicht 31.03.2025 13:15:57
  • Zuletzt bearbeitet 23.04.2026 15:28:06

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David Lingren Media LIbrary Assistant media-library-assistant allows Stored XSS.This issue affects Media LIbrary Assistant: from n/a through <= 3.24...

6.1

CVE-2024-11974

  • EPSS 0.36%
  • Veröffentlicht 04.01.2025 08:15:05
  • Zuletzt bearbeitet 31.03.2025 14:00:33

The Media Library Assistant plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘smc_settings_tab', 'unattachfixit-action', and 'woofixit-action’ parameters in all versions up to, and including, 3.23 due to insufficient input...