Davidlingren CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (28 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-11974	1 Davidlingren	1 Media Library Assistant	2026-04-08	6.1 Medium
The Media Library Assistant plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘smc_settings_tab', 'unattachfixit-action', and 'woofixit-action’ parameters in all versions up to, and including, 3.23 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
CVE-2022-41618	1 Davidlingren	1 Media Library Assistant	2025-02-20	3.7 Low
Unauthenticated Error Log Disclosure vulnerability in Media Library Assistant plugin <= 3.00 on WordPress.
CVE-2023-34010	1 Davidlingren	1 Media Library Assistant	2024-11-21	5.8 Medium
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in submodule of David Lingren Media Library Assistant plugin <= 3.0.7 versions.
CVE-2023-24385	1 Davidlingren	1 Media Library Assistant	2024-11-21	5.9 Medium
Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in David Lingren Media Library Assistant plugin <= 3.11 versions.
CVE-2020-11928	1 Davidlingren	1 Media Library Assistant	2024-11-21	9.8 Critical
In the media-library-assistant plugin before 2.82 for WordPress, Remote Code Execution can occur via the tax_query, meta_query, or date_query parameter in mla_gallery via an admin.
CVE-2020-11732	1 Davidlingren	1 Media Library Assistant	2024-11-21	7.5 High
The Media Library Assistant plugin before 2.82 for Wordpress suffers from a Local File Inclusion vulnerability in mla_gallery link=download.
CVE-2020-11731	1 Davidlingren	1 Media Library Assistant	2024-11-21	6.1 Medium
The Media Library Assistant plugin before 2.82 for Wordpress suffers from multiple XSS vulnerabilities in all Settings/Media Library Assistant tabs, which allow remote authenticated users to execute arbitrary JavaScript.
CVE-2018-20982	1 Davidlingren	1 Media Library Assistant	2024-11-21	N/A
The media-library-assistant plugin before 2.74 for WordPress has XSS via the Media/Assistant or Settings/Media Library assistant admin submenu screens.

« first previous Page 2 of 2.