📦 Media Library Assistant

This vulnerability allows remote attackers to execute arbitrary operating system commands on WordPress servers running vulnerable versions of the Media Library Assistant plugin. Attackers can achieve ...

The Media Library Assistant WordPress plugin has a critical vulnerability allowing unauthenticated attackers to perform Local File Inclusion and Remote Code Execution. Attackers can exploit insufficie...

The Media Library Assistant WordPress plugin allows authenticated attackers with Author-level access or higher to upload arbitrary files due to missing file type validation. This vulnerability affects...

The Media Library Assistant WordPress plugin contains a time-based SQL injection vulnerability in the 'order' parameter of the mla_tag_cloud shortcode. Authenticated attackers with contributor-level a...

This vulnerability allows unauthenticated attackers to perform reflected cross-site scripting (XSS) attacks against WordPress sites using the Media Library Assistant plugin. Attackers can inject malic...

The Media Library Assistant WordPress plugin has a reflected cross-site scripting vulnerability in all versions up to 3.17. Unauthenticated attackers can inject malicious scripts via the order paramet...

This vulnerability allows unauthenticated attackers to execute reflected cross-site scripting attacks via the lang parameter in the Media Library Assistant WordPress plugin. Attackers can inject malic...