All 7 CVE vulnerabilities found in Media Library Folders, with AI-generated Chinese analysis, references, and POCs.
Vendor: Max Foundry
| CVE ID | Title | CVSS | Severity | Paused |
|---|---|---|---|---|
| CVE-2026-2312 | Media Library Folders <= 8.3.6 - Insecure Direct Object Reference to Authenticated (Author+) Arbitrary Attachment Deletion and Rename CWE-862 | 4.3 | Medium | 2026-02-14 |
| CVE-2025-0935 | Media Library Folders <= 8.3.0 - Missing Authorization to Plugin Settings Change CWE-862 | 4.3 | Medium | 2025-02-15 |
| CVE-2024-7858 | Media Library Folders <= 8.2.3 - Missing Authorization on Various Functions CWE-862 | 6.3 | Medium | 2024-08-30 |
| CVE-2024-7857 | Media Library Folders <= 8.2.2 - Authenticated (Subscriber+) Second-Order SQL Injection CWE-89 | 6.5 | Medium | 2024-08-29 |
| CVE-2024-3615 | Media Library Folders <= 8.2.0 - Reflected Cross-Site Scripting via 's' CWE-79 | 6.1 | Medium | 2024-04-19 |
| CVE-2024-31287 | WordPress Media Library Folders plugin <= 8.1.8 - Directory Traversal vulnerability CWE-22 | 6.5 | Medium | 2024-04-10 |
| CVE-2024-30486 | WordPress Media Library Folders plugin <= 8.1.7 - Auth. SQL Injection vulnerability CWE-89 | 8.5 | High | 2024-03-29 |
All 7 known CVE vulnerabilities affecting Media Library Folders with full Chinese analysis, references, and POCs where available.