{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-3072", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2026-02-23T20:00:15.996Z", "datePublished": "2026-03-05T05:26:31.776Z", "dateUpdated": "2026-04-08T16:42:42.781Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:42:42.781Z"}, "affected": [{"vendor": "dglingren", "product": "Media Library Assistant", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.33", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Media Library Assistant plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the mla_update_compat_fields_action() function in all versions up to, and including, 3.33. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify taxonomy terms on arbitrary attachments."}], "title": "Media Library Assistant <= 3.33 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Attachment Taxonomy Modification", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2655f936-8177-4836-a0b0-1c637290a3bc?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/media-library-assistant/tags/3.32/includes/class-mla-media-modal-ajax.php#L628"}, {"url": "https://plugins.trac.wordpress.org/browser/media-library-assistant/tags/3.32/includes/class-mla-media-modal-ajax.php#L594"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3469795%40media-library-assistant%2Ftrunk&old=3465434%40media-library-assistant%2Ftrunk&sfp_email=&sfph_mail="}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization", "cweId": "CWE-862", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Muhammad Sharief"}], "timeline": [{"time": "2026-02-23T20:15:39.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2026-03-04T16:31:21.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-05T16:39:13.823733Z", "id": "CVE-2026-3072", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-05T16:39:21.124Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-3072", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-05T16:39:13.823733Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-05T16:39:17.968Z"}}], "cna": {"title": "Media Library Assistant <= 3.33 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Attachment Taxonomy Modification", "credits": [{"lang": "en", "type": "finder", "value": "Muhammad Sharief"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}}], "affected": [{"vendor": "dglingren", "product": "Media Library Assistant", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "3.33"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2026-02-23T20:15:39.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2026-03-04T16:31:21.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2655f936-8177-4836-a0b0-1c637290a3bc?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/media-library-assistant/tags/3.32/includes/class-mla-media-modal-ajax.php#L628"}, {"url": "https://plugins.trac.wordpress.org/browser/media-library-assistant/tags/3.32/includes/class-mla-media-modal-ajax.php#L594"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3469795%40media-library-assistant%2Ftrunk&old=3465434%40media-library-assistant%2Ftrunk&sfp_email=&sfph_mail="}], "descriptions": [{"lang": "en", "value": "The Media Library Assistant plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the mla_update_compat_fields_action() function in all versions up to, and including, 3.33. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify taxonomy terms on arbitrary attachments."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:42:42.781Z"}}}, "cveMetadata": {"cveId": "CVE-2026-3072", "state": "PUBLISHED", "dateUpdated": "2026-04-08T16:42:42.781Z", "dateReserved": "2026-02-23T20:00:15.996Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2026-03-05T05:26:31.776Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Media Library Assistant plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the mla_update_compat_fields_action() function in all versions up to, and including, 3.33. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify taxonomy terms on arbitrary attachments."}, {"lang": "es", "value": "El plugin Media Library Assistant para WordPress es vulnerable a la modificaci\u00f3n no autorizada de datos debido a una comprobaci\u00f3n de capacidad faltante en la funci\u00f3n mla_update_compat_fields_action() en todas las versiones hasta la 3.33, inclusive. Esto hace posible que atacantes autenticados, con acceso de nivel Suscriptor y superior, modifiquen t\u00e9rminos de taxonom\u00eda en archivos adjuntos arbitrarios."}], "id": "CVE-2026-3072", "lastModified": "2026-04-22T21:27:27.950", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2026-03-05T06:16:52.160", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/media-library-assistant/tags/3.32/includes/class-mla-media-modal-ajax.php#L594"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/media-library-assistant/tags/3.32/includes/class-mla-media-modal-ajax.php#L628"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3469795%40media-library-assistant%2Ftrunk&old=3465434%40media-library-assistant%2Ftrunk&sfp_email=&sfph_mail="}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2655f936-8177-4836-a0b0-1c637290a3bc?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,3.33]"}}], "enrichment": {"confidence": 93.0, "confidence_source": "matching", "scores": [{"score": 93.0, "source": "matching"}]}, "original": {"product": "Media Library Assistant", "source": "cna", "vendor": "dglingren"}, "product": "media_library_assistant", "vendor": "davidlingren"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-04-15T20:03:22.410947+00:00", "value": {"mitigation_remediation": ["Update the Media Library Assistant plugin to version 3.34 or later to apply the vendor\u2011supplied patch.", "If updating is not immediately possible, reduce or remove the \"edit_attachments\" capability from Subscriber+ roles using WordPress role management or a capability\u2011control plugin.", "Perform an audit of attachment taxonomy usage to identify and rectify any misconfigured or suspicious terms that might have been altered by compromised accounts."], "summary": {"action": "Apply patch", "impact": "Unauthorized attachment taxonomy modification"}, "threat_synthesis": {"affected_systems": "dglingren:Media Library Assistant \u2013 the WordPress Media Library Assistant plugin. All released versions up to and including 3.33 are affected. Users running any of those versions must verify their installation and apply a fix or upgrade.", "description_and_impact": "The Media Library Assistant plugin for WordPress allows an authenticated user with Subscriber-level access and above to modify taxonomy terms on any attachment due to a missing capability check in the mla_update_compat_fields_action() function. This flaw enables attackers to change how media items are categorized or tagged, potentially undermining site organization, media searchability, and the integrity of content metadata. The weakness is classified as an Authorization Bypass (CWE-862).", "risk_and_exploitability": "The reported CVSS v3 score of 4.3 reflects moderate impact with an authenticated attack vector. The EPSS score is less than 1%, indicating a very low probability of exploitation at the time of analysis, and the vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog. Because the flaw requires only a standard subscriber account, the risk is chiefly that legitimate users could unintentionally or maliciously alter media taxonomy, but it does not provide a path to remote code execution or system compromise."}}}}, "created": "2026-03-06T15:17:49.967340+00:00", "updated": "2026-04-15T20:15:13.702174+00:00", "vendors": ["davidlingren", "davidlingren$PRODUCT$media_library_assistant", "wordpress", "wordpress$PRODUCT$wordpress"]}