CVE-2026-2312
Unknown Unknown - Not Provided
Insecure Direct Object Reference in Media Library Folders Plugin Allows Data Loss

Publication date: 2026-02-14

Last updated on: 2026-02-14

Assigner: Wordfence

Description
The Media Library Folders plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 8.3.6 via the delete_maxgalleria_media() and maxgalleria_rename_image() functions due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Author-level access and above, to delete or rename attachments owned by other users (including administrators). The rename flow also deletes all postmeta for the target attachment, causing data loss.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-14
Last Modified
2026-02-14
Generated
2026-06-16
AI Q&A
2026-02-14
EPSS Evaluated
2026-06-14
NVD
CVE-2026-2312
EUVD
EUVD-2026-6032
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
media_library_folders media_library_folders to 8.3.6 (inc)
media_library_plus media_library_plus 8.3.7
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

The Media Library Folders plugin for WordPress has an Insecure Direct Object Reference vulnerability in all versions up to and including 8.3.6. This vulnerability exists in the delete_maxgalleria_media() and maxgalleria_rename_image() functions because they do not properly validate a user-controlled key.

As a result, authenticated attackers with Author-level access or higher can delete or rename attachments owned by other users, including administrators. Additionally, the rename process deletes all postmeta data for the targeted attachment, which can lead to data loss.

Impact Analysis

This vulnerability allows attackers with Author-level access or above to delete or rename media attachments belonging to other users, including administrators.

The rename operation also deletes all associated postmeta data for the targeted attachment, potentially causing significant data loss.

Such unauthorized modifications can disrupt website content management, cause loss of important media files, and undermine trust in the integrity of the site.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

The vulnerability affects all versions of the Media Library Folders plugin up to and including 8.3.6. An immediate mitigation step is to update the plugin to version 8.3.7 or later, which is a major release that likely addresses this issue.

Additionally, restrict Author-level access and above to trusted users only, as the vulnerability requires authenticated users with at least Author-level privileges.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-2312. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart