Vulnerability Description
The Media Library Folders plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 8.3.6 via the delete_maxgalleria_media() and maxgalleria_rename_image() functions due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Author-level access and above, to delete or rename attachments owned by other users (including administrators). The rename flow also deletes all postmeta for the target attachment, causing data loss.
CVSS Score
MEDIUM
Related Weaknesses (CWE)
References
- https://plugins.trac.wordpress.org/changeset/3459947/media-library-plus
- https://www.wordfence.com/threat-intel/vulnerabilities/id/ccf77cb1-b6b6-49de-8de
FAQ
What is CVE-2026-2312?
CVE-2026-2312 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The Media Library Folders plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 8.3.6 via the delete_maxgalleria_media() and maxgalleria_rename_i...
How severe is CVE-2026-2312?
CVE-2026-2312 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-2312?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.