PT-2020-12927 · WordPress · Media Library Assistant

Published 2020-04-19 · Updated 2023-08-07 · CVE-2020-11928

CVSS v3.1 9.8 Critical

Vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

media-library-assistant plugin versions prior to 2.82 for WordPress

Description

The issue allows Remote Code Execution via the tax_query, meta_query, or date_query parameter in mla_gallery through an admin interface.

Recommendations

For versions prior to 2.82, update to version 2.82 or later to resolve the issue. As a temporary workaround, consider restricting access to the mla_gallery function and its associated parameters tax_query, meta_query, and date_query until the update is applied.

Fix

Related Identifiers

CVE-2020-11928

Affected Products

Media Library Assistant