CVE-2026-34897
Stored XSS in Media Library Assistant Allows Persistent Script Injection
Publication date: 2026-04-06
Last updated on: 2026-04-06
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| david_lingren | media_library_assistant | to 3.34 (inc) |
| david_lingren | media_library_assistant | From 3.0.0 (inc) to 3.34 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify how the Cross Site Scripting (XSS) vulnerability in the Media Library Assistant plugin directly affects compliance with common standards and regulations such as GDPR or HIPAA.
Can you explain this vulnerability to me?
CVE-2026-34897 is a Cross Site Scripting (XSS) vulnerability affecting the WordPress Media Library Assistant Plugin versions up to and including 3.34.
This vulnerability allows attackers to inject malicious scriptsβsuch as redirects, advertisements, or other HTML payloadsβinto websites, which execute when visitors access the compromised site.
Exploitation requires a user with Contributor-level privileges or higher to perform an action like clicking a malicious link, visiting a crafted page, or submitting a form, meaning user interaction is necessary.
How can this vulnerability impact me? :
The vulnerability can lead to attackers injecting malicious scripts into your website, which may execute unwanted actions such as redirects or displaying unauthorized advertisements.
This can compromise the integrity and trustworthiness of your site, potentially harming user experience and exposing visitors to malicious content.
Although the severity is considered low and exploitation requires user interaction, such vulnerabilities are often used in mass-exploit campaigns affecting many sites.
Updating the plugin to version 3.35 or later is strongly advised to mitigate this risk.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability is a Stored Cross Site Scripting (XSS) issue in the WordPress Media Library Assistant Plugin up to version 3.34. Detection typically involves identifying if the vulnerable plugin version is installed and if malicious scripts have been injected into the website content.
To detect the vulnerability on your system, you can check the installed plugin version and scan for suspicious scripts or payloads in the content managed by the plugin.
- Check the plugin version via WP-CLI: wp plugin list | grep media-library-assistant
- Search for suspicious script tags or payloads in the database, for example using SQL commands to look for <script> tags in posts or plugin-related tables.
- Use web vulnerability scanners that support XSS detection on your site pages where the plugin outputs content.
What immediate steps should I take to mitigate this vulnerability?
The primary immediate mitigation step is to update the WordPress Media Library Assistant Plugin to version 3.35 or later, where this vulnerability has been patched.
If immediate updating is not possible, restrict user roles to prevent users with Contributor-level privileges or higher from performing actions that could trigger the vulnerability.
Consider enabling auto-update options if available to facilitate rapid patching.
Additionally, monitor your site for suspicious activity and injected scripts, and remove any malicious content found.