VYPR

Media Library Assistant

by WordPress

Source repositories

CVEs (26)

  • CVE-2023-24385Oct 17, 2023
    risk 0.00cvss epss 0.00

    Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in David Lingren Media Library Assistant plugin <= 3.11 versions.

  • CVE-2023-34010Aug 5, 2023
    risk 0.00cvss epss 0.00

    Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in submodule of David Lingren Media Library Assistant plugin  <= 3.0.7 versions.

  • CVE-2023-0279Feb 27, 2023
    risk 0.00cvss epss 0.01

    The Media Library Assistant WordPress plugin before 3.06 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin.

  • CVE-2022-41618Nov 18, 2022
    risk 0.00cvss epss 0.01

    Unauthenticated Error Log Disclosure vulnerability in Media Library Assistant plugin <= 3.00 on WordPress.

  • CVE-2020-11731Apr 13, 2020
    risk 0.00cvss epss 0.01

    The Media Library Assistant plugin before 2.82 for Wordpress suffers from multiple XSS vulnerabilities in all Settings/Media Library Assistant tabs, which allow remote authenticated users to execute arbitrary JavaScript.

  • CVE-2018-20982Aug 22, 2019
    risk 0.00cvss epss 0.01

    The media-library-assistant plugin before 2.74 for WordPress has XSS via the Media/Assistant or Settings/Media Library assistant admin submenu screens.

Page 2 of 2