cleantalk
Vulnerabilities and Security Researches

Media Library Assistant, CVE-2026-56012

CVE, Research URL

CVE-2026-56012

Home page URL

Security reports for Media Library Assistant

Application

Media Library Assistant

Published on
Jun 18, 2026
Research Description
Media Library Assistant [media-library-assistant] < 3.36 CVE-2026-56012 [en] Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David Lingren Media LIbrary Assistant allows Blind SQL Injection. This issue affects Media LIbrary Assistant: from n/a through 3.35.
Affected versions
max 3.36.
Status
vulnerable
Previous vulnerability researches
Listdom – Business Directory and Classified Ads Listings WordPress Plugin (CVE-2024-11854) , Dec 06, 2024
Listdom – Business Directory and Classified Ads Listings WordPress Plugin (CVE-2025-67560) , Jan 10, 2026
Listdom – Business Directory and Classified Ads Listings WordPress Plugin (CVE-2026-54819) , Jun 20, 2026
Listdom – Business Directory and Classified Ads Listings WordPress Plugin (CVE-2025-39599) , Apr 18, 2025
New vulnerability
Media Library Assistant (CVE-2026-56012) , Jun 20, 2026
MStore API (CVE-2026-54817) , Jun 20, 2026
Bricksable for Bricks Builder (CVE-2026-56009) , Jun 20, 2026
Offload, AI &amp; Optimize with Cloudflare Images (CVE-2026-9860) , Jun 20, 2026
Royal Elementor Addons and Templates (CVE-2026-8118) , Jun 20, 2026