3.18

DATE	CVE	VULNERABILITY TITLE	RISK
2025-01-04	CVE-2024-11974	Cross-site Scripting vulnerability in Davidlingren Media Library Assistant The Media Library Assistant plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘smc_settings_tab', 'unattachfixit-action', and 'woofixit-action’ parameters in all versions up to, and including, 3.23 due to insufficient input sanitization and output escaping. network low complexity davidlingren CWE-79	6.1