cleantalk
Vulnerabilities and Security Researches

Media Library Assistant, CVE-2025-63065

CVE, Research URL

CVE-2025-63065

Home page URL

Security reports for Media Library Assistant

Application

Media Library Assistant

Published on
Dec 09, 2025
Research Description
Authorization Bypass Through User-Controlled Key vulnerability in David Lingren Media Library Assistant media-library-assistant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Media Library Assistant: from n/a through <= 3.30.
Affected versions
max 3.30.
Status
vulnerable
Previous vulnerability researches
Supertext Translation and Proofreading (CVE-2025-47639) , May 09, 2025
Theme and plugin translation for Polylang (TTfP) (CVE-2022-4169) , Jun 07, 2024
Polylang (CVE-2014-4855) , Jun 06, 2024
Polylang (CVE-2025-64353) , Dec 10, 2025
Polylang , Jan 16, 2025
New vulnerability
WordPress Plugin for Google Maps &#8211; WP MAPS (CVE-2025-67535) , Jan 09, 2026
Widgets for Google Reviews (CVE-2025-12510) , Jan 09, 2026
Quiz And Survey Master &#8211; Best Quiz, Exam and Survey Plugin for WordPress (CVE-2025-63054) , Jan 09, 2026
Filter &amp; Grids (CVE-2025-10289) , Jan 09, 2026
Admin and Site Enhancements (ASE) (CVE-2025-64255) , Jan 09, 2026