Maxfoundry Media Library Folders
5 CVEs affecting Maxfoundry Media Library Folders. Latest disclosed: 2026-02-14. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-7857 | Medium | 6.5 | 2024-08-29 | The Media Library Folders plugin for WordPress is vulnerable to second order SQL Injection via the 'sort_type' parameter of the 'mlf_change_sort_type' AJAX act… |
CVE-2024-7858 | Medium | 6.3 | 2024-08-30 | The Media Library Folders plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on several AJAX functions in the media-lib… |
CVE-2024-3615 | Medium | 6.1 | 2024-04-19 | The Media Library Folders plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in all versions up to, and including, 8.2… |
CVE-2026-2312 | Medium | 4.3 | 2026-02-14 | The Media Library Folders plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 8.3.6 via the delete_max… |
CVE-2025-0935 | Medium | 4.3 | 2025-02-15 | The Media Library Folders plugin for WordPress is vulnerable to unauthorized plugin settings change due to a missing capability check on several AJAX actions i… |