WordPress Plugin Vulnerabilities

Media Library Assistant < 3.30 - Unauthenticated Limited File Read

Description

The Media Library Assistant plugin for WordPress is vulnerable to limited file reading in all versions up to, and including, 3.29 via the mla-stream-image.php file. This makes it possible for unauthenticated attackers to read the contents of arbitrary ai/eps/pdf/ps files on the server, which can contain sensitive information.

Affects Plugins

Plugin icon
media-library-assistant
Fixed in 3.30

References

CVE
CVE-2025-11738
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/43d1264a-2265-4423-a643-7ef6436d3764

Classification

Type
FILE DELETION
OWASP top 10
A6: Security Misconfiguration
CWE
CWE-73
CVSS
5.3 (medium)

Miscellaneous

Original Researcher
Lucas Montes (Nirox)
Verified
No
WPVDB ID
14b56676-c8ff-4037-8042-62f513bc3f4b

Timeline

Publicly Published
2025-10-17 (about 8 months ago)
Added
2025-10-17 (about 8 months ago)
Last Updated
2025-10-18 (about 8 months ago)

Other

Published
Title
Published
2025-07-30
Title
NinjaScanner < 3.2.6 - Admin+ Arbitrary File Deletion
Published
2022-08-08
Title
Export All URLs < 4.4 - Admin+ Arbitrary System File Removal
Published
2026-05-06
Title
WP-Optimize < 4.5.3 - Author+ Arbitrary File Deletion via 'original-file' Post Meta
Published
2025-04-07
Title
ZoomSounds - WordPress Wave Audio Player with Playlist <= 6.91 - Unauthenticated Arbitrary File Download
Published
2026-06-23
Title
Word Count and Social Shares <= 1.0 - Subscriber+ Arbitrary File Deletion via Path Traversal