Media Library Assistant, CVE-2023-0279

CVE, Research URL: CVE-2023-0279
Home page URL: Security reports for Media Library Assistant
Application: Media Library Assistant
Published on: Feb 27, 2023
Research Description: The Media Library Assistant WordPress plugin before 3.06 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin.
Affected versions: Min -, max 2.90.
Status: vulnerable