WordPress Plugin Vulnerabilities
Media Library Assistant < 2.82 - Authenticated RCE
Description
Remote Code Execution can occur via the tax_query, meta_query, and date_query parameter of the [mla_gallery] shortcode.
Affects Plugins
References
CVE
Classification
Type
RCE
OWASP top 10
CWE
CVSS
Miscellaneous
Verified
No
WPVDB ID
Timeline
Publicly Published
2020-04-19 (about 4 years ago)
Added
2020-04-20 (about 4 years ago)
Last Updated
2020-04-21 (about 4 years ago)