Maxfoundry Media_library_folders
7 CVEs affecting Maxfoundry Media_library_folders. Latest disclosed: 2025-02-15. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-30486 | High | 8.5 | 2024-03-29 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Max Foundry Media Library Folders.This issue affects Medi… |
CVE-2024-7857 | Medium | 6.5 | 2024-08-29 | The Media Library Folders plugin for WordPress is vulnerable to second order SQL Injection via the 'sort_type' parameter of the 'mlf_change_sort_type' AJAX act… |
CVE-2024-31287 | Medium | 6.5 | 2024-04-10 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Max Foundry Media Library Folders.This issue affects Media Libr… |
CVE-2024-7858 | Medium | 6.3 | 2024-08-30 | The Media Library Folders plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on several AJAX functions in the media-lib… |
CVE-2024-3615 | Medium | 6.1 | 2024-04-19 | The Media Library Folders plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in all versions up to, and including, 8.2… |
CVE-2022-41634 | Medium | 5.4 | 2022-11-18 | Cross-Site Request Forgery (CSRF) vulnerability in Media Library Folders plugin <= 7.1.1 on WordPress. |
CVE-2025-0935 | Medium | 4.3 | 2025-02-15 | The Media Library Folders plugin for WordPress is vulnerable to unauthorized plugin settings change due to a missing capability check on several AJAX actions i… |