WordPress Media Library Folders Plugin Allows Deleting Others' Files

CVE-2026-2312
Summary

An attacker with Author-level access or higher can delete or rename attachments owned by other users, including administrators, which can result in data loss. This affects all versions of the Media Library Folders plugin up to and including 8.3.6. Update the plugin to a version higher than 8.3.6 to fix the issue.

Original title
The Media Library Folders plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 8.3.6 via the delete_maxgalleria_media() and maxgalleria_renam...
Original description
The Media Library Folders plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 8.3.6 via the delete_maxgalleria_media() and maxgalleria_rename_image() functions due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Author-level access and above, to delete or rename attachments owned by other users (including administrators). The rename flow also deletes all postmeta for the target attachment, causing data loss.
NVD CVSS 3.1: 4.3
Vulnerability type
CWE-862 Missing Authorization
Published: 14 Feb 2026 · Updated: 10 Mar 2026 · First seen: 6 Mar 2026
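
The description above attributes the flaw to missing validation on a user-controlled key. The following added example, which is not the plugin's own code, shows a per-object authorization check of the kind that closes this class of IDOR in a WordPress AJAX handler. The action name, nonce name, `attachment_id` parameter and function name are hypothetical, and the snippet assumes it is loaded inside WordPress.

```php
<?php
// Added example: hypothetical AJAX handler, NOT the Media Library Folders code.
// Action name, nonce name and the 'attachment_id' parameter are assumptions.

add_action( 'wp_ajax_example_delete_media', 'example_delete_media' );

function example_delete_media() {
    // CSRF check: proves the request came from our own admin page, but says
    // nothing about whether this user may touch this particular object.
    check_ajax_referer( 'example_media_nonce', 'nonce' );

    // User-controlled key: force it to a non-negative integer before use.
    $attachment_id = isset( $_POST['attachment_id'] )
        ? absint( $_POST['attachment_id'] )
        : 0;

    // Confirm the ID really refers to an attachment, not some other post type.
    $post = $attachment_id ? get_post( $attachment_id ) : null;
    if ( ! $post || 'attachment' !== $post->post_type ) {
        wp_send_json_error( array( 'message' => 'Attachment not found.' ), 404 );
    }

    // Per-object authorization. A role-level check alone, such as
    // current_user_can( 'upload_files' ), passes for every Author regardless
    // of who owns the file. The 'delete_post' meta capability is mapped
    // against the post's author, so an Author is refused on attachments that
    // belong to another user. A rename handler would test 'edit_post' the
    // same way before touching the file or its postmeta.
    if ( ! current_user_can( 'delete_post', $attachment_id ) ) {
        wp_send_json_error( array( 'message' => 'Not allowed.' ), 403 );
    }

    // wp_delete_attachment() returns false or null on failure.
    if ( ! wp_delete_attachment( $attachment_id, true ) ) {
        wp_send_json_error( array( 'message' => 'Delete failed.' ), 500 );
    }
    wp_send_json_success( array( 'deleted' => $attachment_id ) );
}
```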