Vulnerability Details CVE-2024-7858
The Media Library Folders plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on several AJAX functions in the media-library-plus.php file in all versions up to, and including, 8.2.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform several actions related to managing media files and folder along with controlling settings.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.7%
CVSS Severity
CVSS v3 Score 6.3
References
- https://plugins.trac.wordpress.org/browser/media-library-plus/trunk/media-library-plus.php
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3143036%40media-library-plus&new=3143036%40media-library-plus&sfp_email=&sfph_mail=
- https://www.wordfence.com/threat-intel/vulnerabilities/id/fcc0fc00-b7d6-429c-9ab3-f08971c48777?source=cve
Products affected by CVE-2024-7858
-
cpe:2.3:a:maxfoundry:media_library_folders:-
-
cpe:2.3:a:maxfoundry:media_library_folders:1.0
-
cpe:2.3:a:maxfoundry:media_library_folders:1.01
-
cpe:2.3:a:maxfoundry:media_library_folders:1.02
-
cpe:2.3:a:maxfoundry:media_library_folders:1.03
-
cpe:2.3:a:maxfoundry:media_library_folders:1.04
-
cpe:2.3:a:maxfoundry:media_library_folders:2.3
-
cpe:2.3:a:maxfoundry:media_library_folders:2.31
-
cpe:2.3:a:maxfoundry:media_library_folders:2.32
-
cpe:2.3:a:maxfoundry:media_library_folders:2.33
-
cpe:2.3:a:maxfoundry:media_library_folders:2.34
-
cpe:2.3:a:maxfoundry:media_library_folders:2.35
-
cpe:2.3:a:maxfoundry:media_library_folders:2.36
-
cpe:2.3:a:maxfoundry:media_library_folders:2.37
-
cpe:2.3:a:maxfoundry:media_library_folders:3.0.0
-
cpe:2.3:a:maxfoundry:media_library_folders:3.0.1
-
cpe:2.3:a:maxfoundry:media_library_folders:3.0.10
-
cpe:2.3:a:maxfoundry:media_library_folders:3.0.11
-
cpe:2.3:a:maxfoundry:media_library_folders:3.0.12
-
cpe:2.3:a:maxfoundry:media_library_folders:3.0.3
-
cpe:2.3:a:maxfoundry:media_library_folders:3.0.4
-
cpe:2.3:a:maxfoundry:media_library_folders:3.0.5
-
cpe:2.3:a:maxfoundry:media_library_folders:3.0.6
-
cpe:2.3:a:maxfoundry:media_library_folders:3.0.7
-
cpe:2.3:a:maxfoundry:media_library_folders:3.0.8
-
cpe:2.3:a:maxfoundry:media_library_folders:3.0.9
-
cpe:2.3:a:maxfoundry:media_library_folders:3.1.4
-
cpe:2.3:a:maxfoundry:media_library_folders:3.1.5
-
cpe:2.3:a:maxfoundry:media_library_folders:3.1.6
-
cpe:2.3:a:maxfoundry:media_library_folders:3.1.7
-
cpe:2.3:a:maxfoundry:media_library_folders:3.1.8
-
cpe:2.3:a:maxfoundry:media_library_folders:3.1.9
-
cpe:2.3:a:maxfoundry:media_library_folders:3.2.0
-
cpe:2.3:a:maxfoundry:media_library_folders:3.2.1
-
cpe:2.3:a:maxfoundry:media_library_folders:3.2.2
-
cpe:2.3:a:maxfoundry:media_library_folders:3.2.3
-
cpe:2.3:a:maxfoundry:media_library_folders:3.2.4
-
cpe:2.3:a:maxfoundry:media_library_folders:3.2.5
-
cpe:2.3:a:maxfoundry:media_library_folders:3.2.7
-
cpe:2.3:a:maxfoundry:media_library_folders:3.2.8
-
cpe:2.3:a:maxfoundry:media_library_folders:3.2.9
-
cpe:2.3:a:maxfoundry:media_library_folders:3.3.0
-
cpe:2.3:a:maxfoundry:media_library_folders:3.3.1
-
cpe:2.3:a:maxfoundry:media_library_folders:3.3.11
-
cpe:2.3:a:maxfoundry:media_library_folders:3.3.2
-
cpe:2.3:a:maxfoundry:media_library_folders:3.3.3
-
cpe:2.3:a:maxfoundry:media_library_folders:3.3.4
-
cpe:2.3:a:maxfoundry:media_library_folders:3.3.5
-
cpe:2.3:a:maxfoundry:media_library_folders:3.3.7
-
cpe:2.3:a:maxfoundry:media_library_folders:3.3.8
-
cpe:2.3:a:maxfoundry:media_library_folders:3.4.1
-
cpe:2.3:a:maxfoundry:media_library_folders:3.4.2
-
cpe:2.3:a:maxfoundry:media_library_folders:3.4.3
-
cpe:2.3:a:maxfoundry:media_library_folders:3.4.5
-
cpe:2.3:a:maxfoundry:media_library_folders:4.0.0
-
cpe:2.3:a:maxfoundry:media_library_folders:4.0.1
-
cpe:2.3:a:maxfoundry:media_library_folders:4.0.3
-
cpe:2.3:a:maxfoundry:media_library_folders:4.0.4
-
cpe:2.3:a:maxfoundry:media_library_folders:4.0.5
-
cpe:2.3:a:maxfoundry:media_library_folders:4.0.7
-
cpe:2.3:a:maxfoundry:media_library_folders:4.0.8
-
cpe:2.3:a:maxfoundry:media_library_folders:4.0.9
-
cpe:2.3:a:maxfoundry:media_library_folders:4.1.1
-
cpe:2.3:a:maxfoundry:media_library_folders:4.1.4
-
cpe:2.3:a:maxfoundry:media_library_folders:4.1.5
-
cpe:2.3:a:maxfoundry:media_library_folders:4.1.6
-
cpe:2.3:a:maxfoundry:media_library_folders:4.1.9
-
cpe:2.3:a:maxfoundry:media_library_folders:4.2.0
-
cpe:2.3:a:maxfoundry:media_library_folders:4.2.1
-
cpe:2.3:a:maxfoundry:media_library_folders:4.2.3
-
cpe:2.3:a:maxfoundry:media_library_folders:4.2.4
-
cpe:2.3:a:maxfoundry:media_library_folders:4.2.5
-
cpe:2.3:a:maxfoundry:media_library_folders:4.2.6
-
cpe:2.3:a:maxfoundry:media_library_folders:4.3.0
-
cpe:2.3:a:maxfoundry:media_library_folders:4.3.1
-
cpe:2.3:a:maxfoundry:media_library_folders:4.3.3
-
cpe:2.3:a:maxfoundry:media_library_folders:4.3.4
-
cpe:2.3:a:maxfoundry:media_library_folders:4.3.5
-
cpe:2.3:a:maxfoundry:media_library_folders:4.3.7
-
cpe:2.3:a:maxfoundry:media_library_folders:4.3.8
-
cpe:2.3:a:maxfoundry:media_library_folders:4.3.9
-
cpe:2.3:a:maxfoundry:media_library_folders:4.5.1
-
cpe:2.3:a:maxfoundry:media_library_folders:4.7.1
-
cpe:2.3:a:maxfoundry:media_library_folders:5.0.0
-
cpe:2.3:a:maxfoundry:media_library_folders:5.0.2
-
cpe:2.3:a:maxfoundry:media_library_folders:5.0.3
-
cpe:2.3:a:maxfoundry:media_library_folders:5.0.4
-
cpe:2.3:a:maxfoundry:media_library_folders:5.0.7
-
cpe:2.3:a:maxfoundry:media_library_folders:5.0.8
-
cpe:2.3:a:maxfoundry:media_library_folders:5.0.9
-
cpe:2.3:a:maxfoundry:media_library_folders:5.1.0
-
cpe:2.3:a:maxfoundry:media_library_folders:5.1.1
-
cpe:2.3:a:maxfoundry:media_library_folders:5.1.3
-
cpe:2.3:a:maxfoundry:media_library_folders:5.1.4
-
cpe:2.3:a:maxfoundry:media_library_folders:5.1.6
-
cpe:2.3:a:maxfoundry:media_library_folders:5.1.7
-
cpe:2.3:a:maxfoundry:media_library_folders:5.1.8
-
cpe:2.3:a:maxfoundry:media_library_folders:5.1.9
-
cpe:2.3:a:maxfoundry:media_library_folders:5.2.0
-
cpe:2.3:a:maxfoundry:media_library_folders:5.2.1
-
cpe:2.3:a:maxfoundry:media_library_folders:5.2.2
-
cpe:2.3:a:maxfoundry:media_library_folders:5.2.4
-
cpe:2.3:a:maxfoundry:media_library_folders:5.5.0
-
cpe:2.3:a:maxfoundry:media_library_folders:6.0.0
-
cpe:2.3:a:maxfoundry:media_library_folders:6.0.2
-
cpe:2.3:a:maxfoundry:media_library_folders:6.0.3
-
cpe:2.3:a:maxfoundry:media_library_folders:6.0.4
-
cpe:2.3:a:maxfoundry:media_library_folders:6.0.5
-
cpe:2.3:a:maxfoundry:media_library_folders:6.0.6
-
cpe:2.3:a:maxfoundry:media_library_folders:6.0.7
-
cpe:2.3:a:maxfoundry:media_library_folders:6.1.0
-
cpe:2.3:a:maxfoundry:media_library_folders:6.1.1
-
cpe:2.3:a:maxfoundry:media_library_folders:6.1.2
-
cpe:2.3:a:maxfoundry:media_library_folders:6.1.3
-
cpe:2.3:a:maxfoundry:media_library_folders:6.1.5
-
cpe:2.3:a:maxfoundry:media_library_folders:7.0.0
-
cpe:2.3:a:maxfoundry:media_library_folders:7.0.2
-
cpe:2.3:a:maxfoundry:media_library_folders:7.0.3
-
cpe:2.3:a:maxfoundry:media_library_folders:7.0.4
-
cpe:2.3:a:maxfoundry:media_library_folders:7.0.7
-
cpe:2.3:a:maxfoundry:media_library_folders:7.0.8
-
cpe:2.3:a:maxfoundry:media_library_folders:7.1.0
-
cpe:2.3:a:maxfoundry:media_library_folders:7.1.1
-
cpe:2.3:a:maxfoundry:media_library_folders:7.1.2
-
cpe:2.3:a:maxfoundry:media_library_folders:8.0.0
-
cpe:2.3:a:maxfoundry:media_library_folders:8.0.1
-
cpe:2.3:a:maxfoundry:media_library_folders:8.0.2
-
cpe:2.3:a:maxfoundry:media_library_folders:8.0.3
-
cpe:2.3:a:maxfoundry:media_library_folders:8.0.4
-
cpe:2.3:a:maxfoundry:media_library_folders:8.0.5
-
cpe:2.3:a:maxfoundry:media_library_folders:8.0.6
-
cpe:2.3:a:maxfoundry:media_library_folders:8.0.7
-
cpe:2.3:a:maxfoundry:media_library_folders:8.1.0
-
cpe:2.3:a:maxfoundry:media_library_folders:8.1.1
-
cpe:2.3:a:maxfoundry:media_library_folders:8.1.2
-
cpe:2.3:a:maxfoundry:media_library_folders:8.1.3
-
cpe:2.3:a:maxfoundry:media_library_folders:8.1.4
-
cpe:2.3:a:maxfoundry:media_library_folders:8.1.5
-
cpe:2.3:a:maxfoundry:media_library_folders:8.1.6
-
cpe:2.3:a:maxfoundry:media_library_folders:8.1.7
-
cpe:2.3:a:maxfoundry:media_library_folders:8.1.8
-
cpe:2.3:a:maxfoundry:media_library_folders:8.1.9
-
cpe:2.3:a:maxfoundry:media_library_folders:8.2.0
-
cpe:2.3:a:maxfoundry:media_library_folders:8.2.1
-
cpe:2.3:a:maxfoundry:media_library_folders:8.2.2
-
cpe:2.3:a:maxfoundry:media_library_folders:8.2.3