Vulnerability Details: Multiple in Media Library Assistant
Recently our Plugin Vulnerabilities Firewall blocked the following hacking attempt on our website:
…
3
Jan
2022
Tag Archives: Media Library Assistant
1
Nov
2017
What Happened With WordPress Plugin Vulnerabilities in October 2017
If you want the best information and therefore best protection against vulnerabilities in WordPress plugins we provide you that through our service.
Here is what we did to keep those are already using our service secure from WordPress plugin vulnerabilities during October (and what you have been missing out on if you haven’t signed up yet, which you can currently do for half off): [Read more]
2
Oct
2017
What Happened With WordPress Plugin Vulnerabilities in September 2017
If you want the best information and therefore best protection against vulnerabilities in WordPress plugins we provide you that through our service.
Here is what we did to keep those are already using our service secure from WordPress plugin vulnerabilities during September (and what you have been missing out on if you haven’t signed up yet): [Read more]
5
Sep
2017
Authenticated PHP Object Injection Vulnerability in Media Library Assistant
We recently started proactively monitoring for evidence of some high risk vulnerabilities when changes are made to WordPress plugins and if we had more customers we could expand the proactive monitoring to more types of vulnerabilities. One of the types of vulnerabilities we are looking for are PHP object injection vulnerabilities since those are likely to be exploited if hackers become aware of them. Through that we came across an authenticated PHP object injection vulnerability in the plugin Media Library Assistant.
The plugin makes it’s Media Library Assistant page in the admin area viable to users with the upload_files capability, which is normally available to Author-level and above users (in the file /includes/class-mla-main.php): [Read more]