{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-8357", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-07-30T13:56:59.477Z", "datePublished": "2025-08-19T04:26:02.471Z", "dateUpdated": "2026-04-08T17:05:00.392Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:05:00.392Z"}, "affected": [{"vendor": "dglingren", "product": "Media Library Assistant", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.27", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Media Library Assistant plugin for WordPress is vulnerable to arbitrary file deletion in the /wp-content/uploads directory due to insufficient file path validation and user capability checking in the _process_mla_download_file function in all versions up to, and including, 3.27. This makes it possible for authenticated attackers, with Author-level access and above, to delete arbitrary files on the server from the /wp-content/uploads/ directory."}], "title": "Media Library Assistant <= 3.27 - Authenticated (Author+) Limited File Deletion", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8726375f-de67-4c92-9cf8-1bfb7330f327?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/media-library-assistant/tags/3.26/includes/class-mla-main.php#L924"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3336915%40media-library-assistant&new=3336915%40media-library-assistant&sfp_email=&sfph_mail="}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization", "cweId": "CWE-862", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "wesley"}], "timeline": [{"time": "2025-07-30T14:12:37.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2025-08-18T16:23:26.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-19T19:21:43.144641Z", "id": "CVE-2025-8357", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-19T19:21:48.133Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-8357", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-08-19T19:21:43.144641Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-19T19:21:45.415Z"}}], "cna": {"title": "Media Library Assistant <= 3.27 - Authenticated (Author+) Limited File Deletion", "credits": [{"lang": "en", "type": "finder", "value": "wesley"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}}], "affected": [{"vendor": "dglingren", "product": "Media Library Assistant", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "3.27"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-07-30T14:12:37.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2025-08-18T16:23:26.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8726375f-de67-4c92-9cf8-1bfb7330f327?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/media-library-assistant/tags/3.26/includes/class-mla-main.php#L924"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3336915%40media-library-assistant&new=3336915%40media-library-assistant&sfp_email=&sfph_mail="}], "descriptions": [{"lang": "en", "value": "The Media Library Assistant plugin for WordPress is vulnerable to arbitrary file deletion in the /wp-content/uploads directory due to insufficient file path validation and user capability checking in the _process_mla_download_file function in all versions up to, and including, 3.27. This makes it possible for authenticated attackers, with Author-level access and above, to delete arbitrary files on the server from the /wp-content/uploads/ directory."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:05:00.392Z"}}}, "cveMetadata": {"cveId": "CVE-2025-8357", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:05:00.392Z", "dateReserved": "2025-07-30T13:56:59.477Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-08-19T04:26:02.471Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Media Library Assistant plugin for WordPress is vulnerable to arbitrary file deletion in the /wp-content/uploads directory due to insufficient file path validation and user capability checking in the _process_mla_download_file function in all versions up to, and including, 3.27. This makes it possible for authenticated attackers, with Author-level access and above, to delete arbitrary files on the server from the /wp-content/uploads/ directory."}, {"lang": "es", "value": "El complemento The Media Library Assistant para WordPress es vulnerable a la eliminaci\u00f3n arbitraria de archivos en el directorio /wp-content/uploads debido a una validaci\u00f3n insuficiente de la ruta de archivo y a la comprobaci\u00f3n de la capacidad del usuario en la funci\u00f3n _process_mla_download_file en todas las versiones hasta la 3.27 incluida. Esto permite que atacantes autenticados, con acceso de autor o superior, eliminen archivos arbitrarios del servidor desde el directorio /wp-content/uploads/."}], "id": "CVE-2025-8357", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-08-19T05:15:30.900", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/media-library-assistant/tags/3.26/includes/class-mla-main.php#L924"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3336915%40media-library-assistant&new=3336915%40media-library-assistant&sfp_email=&sfph_mail="}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8726375f-de67-4c92-9cf8-1bfb7330f327?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-21T03:27:39.354990+00:00", "value": {"mitigation_remediation": ["Update the Media Library Assistant plugin to a version newer than 3.27, where the file path validation and capability check have been fixed.", "If an update is not immediately possible, temporarily remove the file deletion capability from Author users or downgrade their role to Editor or lower until a patch is applied.", "Apply file system permissions that restrict write access for the web server to the /wp-content/uploads directory, ensuring that only the plugin or privileged users can delete files.", "Monitor logs for unexpected file removals and consider restoring deleted files from backup if a deletion occurs."], "summary": {"action": "Patch", "impact": "Arbitrary file deletion"}, "threat_synthesis": {"affected_systems": "It exists in all releases of the Media Library Assistant plugin up to and including version 3.27. The plugin is a WordPress add\u2011on that stores media in /wp-content/uploads, making the full set of WordPress sites that have an unaudited update vulnerable. The plugin is managed by the vendor dglingren.", "description_and_impact": "The vulnerability permits authenticated users with Author-level access to delete arbitrary files from the site\u2019s uploads directory, which could lead to loss of content and disruption of site functionality. This weakness arises from insufficient validation of the file path and a missing authorization check in the file deletion handler. The flaw is classified as CWE-862, Missing Authorization.", "risk_and_exploitability": "The CVSS score of 4.3 indicates a moderate impact, while the EPSS score of less than 1% suggests exploitation is unlikely against the general population. The vulnerability is not listed in CISA\u2019s KEV catalog. Attackers need authenticated access with Author or higher privileges, so the attack vector is internal or via compromised credentials. The lack of hard\u2011coded access controls in the deletion routine allows the attacker to supply a path that deletes arbitrary files in the uploads tree."}}}}, "created": "2025-08-24T22:19:13.943379+00:00", "updated": "2026-04-21T03:30:26.338272+00:00", "vendors": ["davidlingren", "davidlingren$PRODUCT$media_library_assistant", "wordpress", "wordpress$PRODUCT$wordpress"]}