cleantalk
Vulnerabilities and Security Researches

Media Search Enhanced, CVE-2026-23805

CVE, Research URL

CVE-2026-23805

Home page URL

Security reports for Media Search Enhanced

Application

Media Search Enhanced

Published on
Feb 19, 2026
Research Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yoren Chang Media Search Enhanced media-search-enhanced allows SQL Injection.This issue affects Media Search Enhanced: from n/a through <= 0.9.1.
Affected versions
max 0.9.1.
Status
vulnerable
Previous vulnerability researches
Filestack (CVE-2025-13959) , Feb 27, 2026
New vulnerability
Event Manager and Tickets Selling Plugin for WooCommerce &#8211; WpEvently &#8211; WordPress Plugin (CVE-2026-24942) , Feb 28, 2026
Event Manager and Tickets Selling Plugin for WooCommerce &#8211; WpEvently &#8211; WordPress Plugin (CVE-2026-23549) , Feb 28, 2026
Event Manager and Tickets Selling Plugin for WooCommerce &#8211; WpEvently &#8211; WordPress Plugin (CVE-2026-24954) , Feb 28, 2026
Library Management System (CVE-2025-12707) , Feb 28, 2026
CM Business Directory Plugin &#8211; Business Listing Directory (CVE-2026-25004) , Feb 28, 2026