Unrated severityNVD Advisory· Published Feb 27, 2023· Updated Mar 10, 2025
Media Library Assistant < 3.06 - Admin+ SQLi
CVE-2023-0279
Description
The Media Library Assistant WordPress plugin before 3.06 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <3.06
Patches
Vulnerability mechanics
References
2- wpscan.com/vulnerability/42db1ba5-1b14-41bd-a2b3-7243a84c9d3dmitreexploitvdb-entrytechnical-description
- bulletin.iese.de/post/media-library-assistant_3-05_1mitre
News mentions
0No linked articles in our index yet.