David Lingren Media LIbrary Assistant CVE-2025-63065
MEDIUMSeverity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Lifecycle Timeline
3DescriptionCVE.org
Authorization Bypass Through User-Controlled Key vulnerability in David Lingren Media LIbrary Assistant media-library-assistant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Media LIbrary Assistant: from n/a through <= 3.29.
AnalysisAI
Media Library Assistant WordPress plugin through version 3.29 allows authenticated users to bypass authorization controls and access or modify content they should not have permission to reach via user-controlled keys in access control mechanisms. The vulnerability requires an authenticated user with limited privileges (PR:L) and affects confidentiality and integrity of stored media library data, though with relatively low exploitation probability (EPSS 0.04%) and no confirmed active exploitation at time of analysis.
Technical ContextAI
The vulnerability stems from CWE-639 (Authorization Through User-Controlled Key), a flaw in access control logic where the application relies on user-supplied parameters or keys to determine authorization decisions rather than enforcing server-side access control policies. Media Library Assistant, a WordPress plugin managing media file access and permissions, implements role-based or capability-based access controls that can be circumvented when user input directly influences whether authorization checks are performed. This is a common pattern in WordPress plugins where $_POST, $_GET, or REST API parameters containing user IDs, role names, or access keys are improperly trusted to validate permissions. The plugin affects WordPress installations relying on Media Library Assistant for managing media access controls.
Affected ProductsAI
Media Library Assistant WordPress plugin versions through 3.29 (CPE: cpe:2.3:a:davidlingren:media-library-assistant:*:*:*:*:*:wordpress:*:*). The vulnerability was confirmed by audit@patchstack.com and reported in the Patchstack vulnerability database for WordPress plugins. The advisory is available at https://patchstack.com/database/Wordpress/Plugin/media-library-assistant/vulnerability/wordpress-media-library-assistant-plugin-3-30-broken-access-control-vulnerability.
RemediationAI
Update Media Library Assistant to version 3.30 or later, which addresses the authorization bypass by implementing proper server-side access control validation that does not rely on user-controlled keys. WordPress administrators should navigate to Plugins > Installed Plugins, locate Media Library Assistant, and click Update to version 3.30+. No interim workarounds are practical for this class of vulnerability; patching is the primary remediation. Organizations unable to update immediately should restrict the plugin to trusted user roles with administrative oversight of media library access. Consult the Patchstack advisory for additional configuration guidance if needed.
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today