RSS   Vulnerabilities for 'Media library assistant'   RSS

2020-04-20
 
CVE-2020-11928

CWE-74
 

 
In the media-library-assistant plugin before 2.82 for WordPress, Remote Code Execution can occur via the tax_query, meta_query, or date_query parameter in mla_gallery via an admin.

 
2020-04-13
 
CVE-2020-11732

CWE-200
 

 
The Media Library Assistant plugin before 2.82 for Wordpress suffers from a Local File Inclusion vulnerability in mla_gallery link=download.

 
 
CVE-2020-11731

CWE-79
 

 
The Media Library Assistant plugin before 2.82 for Wordpress suffers from multiple XSS vulnerabilities in all Settings/Media Library Assistant tabs, which allow remote authenticated users to execute arbitrary JavaScript.

 
2019-08-22
 
CVE-2018-20982

CWE-79
 

 
The media-library-assistant plugin before 2.74 for WordPress has XSS via the Media/Assistant or Settings/Media Library assistant admin submenu screens.

 


Copyright 2024, cxsecurity.com

 

Back to Top