Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

dglingren — Vulnerabilities & Security Advisories 14

Browse all 14 CVE security advisories affecting dglingren. AI-powered Chinese analysis, POCs, and references for each vulnerability.

dglingren develops enterprise software solutions with a focus on web application frameworks and content management systems. Historically, vulnerabilities associated with this entity have commonly included remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from improper input validation and access control issues. Security researchers have identified multiple critical vulnerabilities in their products, with 14 CVEs documented to date. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities suggests potential weaknesses in secure coding practices and security testing protocols within their development lifecycle.

Found 14 results / 14Clear Filters
Top products by dglingren: Media Library Assistant
CVE IDTitleCVSSSeverityPublished
CVE-2026-3072 Media Library Assistant <= 3.33 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Attachment Taxonomy Modification — Media Library AssistantCWE-862 4.3 Medium2026-03-05
CVE-2025-11738 Media Library Assistant <= 3.29 - Unauthenticated Limited File Read — Media Library AssistantCWE-73 5.3 Medium2025-10-18
CVE-2025-8357 Media Library Assistant <= 3.27 - Authenticated (Author+) Limited File Deletion — Media Library AssistantCWE-862 4.3 Medium2025-08-19
CVE-2025-7035 Media Library Assistant <= 3.26 - Authenticated (Contributor+) Stored Cross-Site Scripting via mla_tag_cloud and mla_term_list Shortcodes — Media Library AssistantCWE-79 6.4 Medium2025-07-16
CVE-2024-11974 Media Library Assistant <= 3.23 - Reflected Cross-Site Scripting via smc_settings_tab, unattachfixit-action, and woofixit-action Parameters — Media Library AssistantCWE-79 6.1 Medium2025-01-04
CVE-2024-6823 Media Library Assistant <= 3.18 - Authenticated (Author+) Arbitrary File Upload via mla-inline-edit-upload-scripts AJAX Action — Media Library AssistantCWE-434 8.8 High2024-08-13
CVE-2024-5544 Media Library Assistant <= 3.17 - Reflected Cross-Site Scripting — Media Library AssistantCWE-79 6.1 Medium2024-07-02
CVE-2024-5605 Media Library Assistant <= 3.16 - Authenticated (Contributor+) SQL Injection via order Parameter — Media Library AssistantCWE-89 8.8 High2024-06-20
CVE-2024-3518 Media Library Assistant <= 3.15 - Authenticated (Contributor+) SQL Injection via Shortcode — Media Library AssistantCWE-89 8.8 High2024-05-21
CVE-2024-3519 Media Library Assistant <= 3.15 - Reflected Cross-Site Scripting via lang — Media Library AssistantCWE-87 6.1 Medium2024-05-21
CVE-2024-2871 Media Library Assistant <= 3.13 - Authenticated (Contributor+) SQL Injection via Shortcode — Media Library AssistantCWE-89 6.4 Medium2024-04-09
CVE-2024-2475 Media Library Assistant <= 3.13 - Authenticated (Contributor+) Stored Cross-Site Scripting via mla_gallery Shortcode — Media Library AssistantCWE-79 6.4 Medium2024-03-29
CVE-2023-4716 Media Library Assistant <= 3.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Media Library AssistantCWE-79 6.4 Medium2023-09-22
CVE-2023-4634 Media Library Assistant <= 3.09 - Unauthenticated Local/Remote File Inclusion & Remote Code Execution — Media Library AssistantCWE-73 9.8 Critical2023-09-06

This page lists every published CVE security advisory associated with dglingren. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.