Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

dglingren — Vulnerabilities & Security Advisories 14

Browse all 14 CVE security advisories affecting dglingren. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by dglingren:Media Library Assistant
CVE IDTitleCVSSSeverityPublished
CVE-2026-3072 Media Library Assistant <= 3.33 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Attachment Taxonomy Modification — Media Library AssistantCWE-862 4.3 Medium2026-03-05
CVE-2025-11738 Media Library Assistant <= 3.29 - Unauthenticated Limited File Read — Media Library AssistantCWE-73 5.3 Medium2025-10-18
CVE-2025-8357 Media Library Assistant <= 3.27 - Authenticated (Author+) Limited File Deletion — Media Library AssistantCWE-862 4.3 Medium2025-08-19
CVE-2025-7035 Media Library Assistant <= 3.26 - Authenticated (Contributor+) Stored Cross-Site Scripting via mla_tag_cloud and mla_term_list Shortcodes — Media Library AssistantCWE-79 6.4 Medium2025-07-16
CVE-2024-11974 Media Library Assistant <= 3.23 - Reflected Cross-Site Scripting via smc_settings_tab, unattachfixit-action, and woofixit-action Parameters — Media Library AssistantCWE-79 6.1 Medium2025-01-04
CVE-2024-6823 Media Library Assistant <= 3.18 - Authenticated (Author+) Arbitrary File Upload via mla-inline-edit-upload-scripts AJAX Action — Media Library AssistantCWE-434 8.8 High2024-08-13
CVE-2024-5544 Media Library Assistant <= 3.17 - Reflected Cross-Site Scripting — Media Library AssistantCWE-79 6.1 Medium2024-07-02
CVE-2024-5605 Media Library Assistant <= 3.16 - Authenticated (Contributor+) SQL Injection via order Parameter — Media Library AssistantCWE-89 8.8 High2024-06-20
CVE-2024-3518 Media Library Assistant <= 3.15 - Authenticated (Contributor+) SQL Injection via Shortcode — Media Library AssistantCWE-89 8.8 High2024-05-21
CVE-2024-3519 Media Library Assistant <= 3.15 - Reflected Cross-Site Scripting via lang — Media Library AssistantCWE-87 6.1 Medium2024-05-21
CVE-2024-2871 Media Library Assistant <= 3.13 - Authenticated (Contributor+) SQL Injection via Shortcode — Media Library AssistantCWE-89 6.4 Medium2024-04-09
CVE-2024-2475 Media Library Assistant <= 3.13 - Authenticated (Contributor+) Stored Cross-Site Scripting via mla_gallery Shortcode — Media Library AssistantCWE-79 6.4 Medium2024-03-29
CVE-2023-4716 Media Library Assistant <= 3.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Media Library AssistantCWE-79 6.4 Medium2023-09-22
CVE-2023-4634 Media Library Assistant <= 3.09 - Unauthenticated Local/Remote File Inclusion & Remote Code Execution — Media Library AssistantCWE-73 9.8 Critical2023-09-06

This page lists every published CVE security advisory associated with dglingren. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.