Media Library Assistant Vulnerability – Authenticated (Contributor+) SQL Injection via Shortcode & Reflected Cross-Site Scripting via lang – CVE-2024-3518 & CVE-2024-3519 | WordPress Plugin Vulnerability Report

Plugin Name: Media Library Assistant Key Information: Software Type: Plugin Software Slug: media-library-assistant Software Status: Active Software Author: dglingren Software Downloads: 1,952,519 Active Installs: 70,000 Last Updated: May 21, 2024 Patched Versions: 3.16 Affected Versions: <= 3.15 Vulnerability 1 Details: Name: Media Library Assistant <= 3.15 – Authenticated (Contributor+) SQL Injection via Shortcode Type: Improper…

Read More