cleantalk
Vulnerabilities and Security Researches

Media Library Assistant, CVE-2025-59590

CVE, Research URL

CVE-2025-59590

Home page URL

Security reports for Media Library Assistant

Application

Media Library Assistant

Published on
Sep 23, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David Lingren Media LIbrary Assistant media-library-assistant allows Stored XSS.This issue affects Media LIbrary Assistant: from n/a through <= 3.28.
Affected versions
max 3.29.
Status
vulnerable
Previous vulnerability researches
ContentMX Content Publisher (CVE-2025-9889) , Apr 23, 2026
ContentMX Content Publisher (CVE-2025-31555) , Apr 03, 2025
New vulnerability
Ni WooCommerce Order Export (CVE-2026-4140) , Apr 24, 2026
Slider Bootstrap Carousel (CVE-2026-4076) , Apr 24, 2026
Popup Builder &#8211; Create highly converting, mobile friendly marketing popups. (CVE-2025-9856) , Apr 24, 2026
MaxiBlocks Free Page Builder &amp; Template Library (CVE-2025-58968) , Apr 24, 2026
POST SMTP &#8211; The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications (CVE-2025-9219) , Apr 24, 2026