Vulnerabilities (CVE)

Filtered by vendor Maxfoundry Subscribe
Filtered by product Media Library Folders
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-7858 1 Maxfoundry 1 Media Library Folders 2024-09-03 N/A 6.3 MEDIUM
The Media Library Folders plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on several AJAX functions in the media-library-plus.php file in all versions up to, and including, 8.2.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform several actions related to managing media files and folder along with controlling settings.
CVE-2022-41634 1 Maxfoundry 1 Media Library Folders 2024-02-28 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Media Library Folders plugin <= 7.1.1 on WordPress.