Vulnerability Details CVE-2023-4716
The Media Library Assistant plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'mla_gallery' shortcode in versions up to, and including, 3.10 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for authenticated attackers with contributor-level permissions and above to inject arbitrary web scripts into pages; the scripts execute whenever a user accesses an injected page.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.7%
CVSS Severity
CVSS v3 Score 6.4
Products affected by CVE-2023-4716