WordPress Plugin Vulnerabilities

Media Library Assistant < 2.90 - Authenticated Blind SQL Injection

Description

The Media Library Assistant WordPress plugin was affected by an authenticated (admin+) blind SQL injection vulnerability when there is at least one Custom Field Rule set in the plugin's options.

Proof of Concept

Affects Plugins

Plugin icon
media-library-assistant
Fixed in 2.90

References

URL
https://plugins.trac.wordpress.org/changeset/2423321

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89
CVSS
6.6 (medium)

Miscellaneous

Original Researcher
Lenon Leite
Submitter
Lenon Leite
Submitter website
https://lenonleite.com.br/
Submitter twitter
lenonleite
Verified
Yes
WPVDB ID
e61d3f28-d242-4fac-ab91-1a79c6da5e7d

Timeline

Publicly Published
2020-11-24 (about 5 years ago)
Added
2020-11-24 (about 5 years ago)
Last Updated
2020-11-24 (about 5 years ago)

Other

Published
Title
Published
2025-01-16
Title
WordPress Google Map Professional <= 1.0 - Authenticated (Contributor+) SQL Injection
Published
2025-04-21
Title
Revy <= 2.1 - Authenticated (Subscriber+) SQL Injection
Published
2016-11-12
Title
BBS e-Franchise 1.1.1 - Unauthenticated SQL Injection
Published
2025-07-31
Title
Cube Portfolio <= 1.16.8 - Authenticated (Subscriber+) SQL Injection
Published
2021-09-03
Title
Support Board < 3.3.4 - Multiple Unauthenticated SQL Injections