cleantalk
Vulnerabilities and Security Researches

Media Library Assistant, CVE-2025-63065

CVE, Research URL

CVE-2025-63065

Home page URL

Security reports for Media Library Assistant

Application

Media Library Assistant

Published on
Dec 09, 2025
Research Description
Authorization Bypass Through User-Controlled Key vulnerability in David Lingren Media Library Assistant media-library-assistant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Media Library Assistant: from n/a through <= 3.30.
Affected versions
max 3.30.
Status
vulnerable
Previous vulnerability researches
WC Fields Factory (CVE-2023-0277) , Jun 07, 2024
WC Fields Factory (6cc027737736ffa5a4ad7d18f7aacab3368b4dae) , Jun 07, 2024
New vulnerability
JetFormBuilder — Dynamic Blocks Form Builder (CVE-2025-11991) , Jan 10, 2026
Brave &#8211; Create Popup, Optins, Lead Generation, Survey, Sticky Elements &amp; Interactive Content (CVE-2025-68508) , Jan 10, 2026
CC Child Pages (CVE-2025-13608) , Jan 10, 2026
Tainacan (CVE-2025-14043) , Jan 10, 2026
Restrict Elementor Widgets, Columns &amp; Sections (CVE-2025-64244) , Jan 10, 2026