cleantalk
Vulnerabilities and Security Researches

Media Library Assistant, CVE-2026-56012

CVE, Research URL

CVE-2026-56012

Home page URL

Security reports for Media Library Assistant

Application

Media Library Assistant

Published on
Jun 18, 2026
Research Description
Media Library Assistant [media-library-assistant] < 3.36 CVE-2026-56012 [en] Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David Lingren Media LIbrary Assistant allows Blind SQL Injection. This issue affects Media LIbrary Assistant: from n/a through 3.35.
Affected versions
max 3.36.
Status
vulnerable
Previous vulnerability researches
Vertical scroll slideshow gallery v2 (CVE-2025-49897) , Aug 18, 2025
New vulnerability
WP Go Maps (formerly WP Google Maps) (CVE-2026-12238) , Jun 20, 2026
Media Library Assistant (CVE-2026-56012) , Jun 20, 2026
MStore API (CVE-2026-54817) , Jun 20, 2026
Bricksable for Bricks Builder (CVE-2026-56009) , Jun 20, 2026
Offload, AI &amp; Optimize with Cloudflare Images (CVE-2026-9860) , Jun 20, 2026