Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 25 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-34897 WordPress Media LIbrary Assistant plugin <= 3.34 - Cross Site Scripting (XSS) vulnerability David LingrenMedia LIbrary Assistant Medium 6.5 2026-04-06 14:50:48 Deep Dive
CVE-2026-34885 WordPress Media LIbrary Assistant plugin <= 3.34 - SQL Injection vulnerability David LingrenMedia LIbrary Assistant High 8.5 2026-04-06 14:47:32 Deep Dive
CVE-2026-32399 WordPress Media LIbrary Assistant plugin <= 3.32 - SQL Injection vulnerability David LingrenMedia LIbrary Assistant 中危 -2026-03-13 11:42:12 Deep Dive
CVE-2026-3072 Media Library Assistant <= 3.33 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Attachment Taxonomy Modification dglingrenMedia Library Assistant Medium 4.3 2026-03-05 05:26:32 Deep Dive
CVE-2025-63065 WordPress Media LIbrary Assistant plugin <= 3.29 - Broken Access Control vulnerability David LingrenMedia LIbrary Assistant Medium 5.3 2025-12-09 14:52:35 Deep Dive
CVE-2025-11738 Media Library Assistant <= 3.29 - Unauthenticated Limited File Read dglingrenMedia Library Assistant Medium 5.3 2025-10-18 05:41:55 Deep Dive
CVE-2025-59590 WordPress Media Library Assistant Plugin <= 3.28 - Cross Site Scripting (XSS) Vulnerability David LingrenMedia LIbrary Assistant Medium 5.9 2025-09-22 18:25:47 Deep Dive
CVE-2025-8357 Media Library Assistant <= 3.27 - Authenticated (Author+) Limited File Deletion dglingrenMedia Library Assistant Medium 4.3 2025-08-19 04:26:02 Deep Dive
CVE-2025-7035 Media Library Assistant <= 3.26 - Authenticated (Contributor+) Stored Cross-Site Scripting via mla_tag_cloud and mla_term_list Shortcodes dglingrenMedia Library Assistant Medium 6.4 2025-07-16 09:22:57 Deep Dive
CVE-2025-31627 WordPress Media Library Assistant plugin <= 3.24 - Stored Cross Site Scripting (XSS) vulnerability David LingrenMedia LIbrary Assistant Medium 5.9 2025-03-31 12:55:46 Deep Dive
CVE-2024-11974 Media Library Assistant <= 3.23 - Reflected Cross-Site Scripting via smc_settings_tab, unattachfixit-action, and woofixit-action Parameters dglingrenMedia Library Assistant Medium 6.1 2025-01-04 07:24:24 Deep Dive
CVE-2024-51661 WordPress Media Library Assistant plugin <= 3.19 - Remote Code Execution (RCE) vulnerability David LingrenMedia LIbrary Assistant Critical 9.1 2024-11-04 11:06:58 Deep Dive
CVE-2024-6823 Media Library Assistant <= 3.18 - Authenticated (Author+) Arbitrary File Upload via mla-inline-edit-upload-scripts AJAX Action dglingrenMedia Library Assistant High 8.8 2024-08-13 05:30:56 Deep Dive
CVE-2024-5544 Media Library Assistant <= 3.17 - Reflected Cross-Site Scripting dglingrenMedia Library Assistant Medium 6.1 2024-07-02 07:37:05 Deep Dive
CVE-2024-5605 Media Library Assistant <= 3.16 - Authenticated (Contributor+) SQL Injection via order Parameter dglingrenMedia Library Assistant High 8.8 2024-06-20 03:37:22 Deep Dive
CVE-2024-3518 Media Library Assistant <= 3.15 - Authenticated (Contributor+) SQL Injection via Shortcode dglingrenMedia Library Assistant High 8.8 2024-05-21 23:30:41 Deep Dive
CVE-2024-3519 Media Library Assistant <= 3.15 - Reflected Cross-Site Scripting via lang dglingrenMedia Library Assistant Medium 6.1 2024-05-21 23:30:40 Deep Dive
CVE-2024-2871 Media Library Assistant <= 3.13 - Authenticated (Contributor+) SQL Injection via Shortcode dglingrenMedia Library Assistant Medium 6.4 2024-04-09 18:59:09 Deep Dive
CVE-2024-2475 Media Library Assistant <= 3.13 - Authenticated (Contributor+) Stored Cross-Site Scripting via mla_gallery Shortcode dglingrenMedia Library Assistant Medium 6.4 2024-03-29 04:31:34 Deep Dive
CVE-2023-24385 WordPress Media Library Assistant Plugin <= 3.11 is vulnerable to Cross Site Scripting (XSS) David LingrenMedia Library Assistant Medium 5.9 2023-10-17 08:58:25 Deep Dive