Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-41634 | 1 Maxfoundry | 1 Media Library Folders | 2024-11-21 | N/A | 5.4 MEDIUM |
Cross-Site Request Forgery (CSRF) vulnerability in Media Library Folders plugin <= 7.1.1 on WordPress. | |||||
CVE-2024-7858 | 1 Maxfoundry | 1 Media Library Folders | 2024-09-03 | N/A | 6.3 MEDIUM |
The Media Library Folders plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on several AJAX functions in the media-library-plus.php file in all versions up to, and including, 8.2.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform several actions related to managing media files and folder along with controlling settings. |