Source evidence

Vulnerable to Cross Site Request Forgery (CSRF)

Media Library Helper — Bulk edit image ALT, caption & description · support · 2023-07-11T16:18:00+00:00

Media Library Helper — Bulk edit image ALT, caption & description plugin evidence original source source API

mixedsentiment

highseverity

0.94relevance

7replies

Evidence linked to opportunitycommercial context

Proof Health

Open evidence

Commercial opportunities need traceable source links before they are treated as build-worthy.

4 / 23 rows with source links

17.4% of this page's analysis has direct source links.

0 build-decision rows missing links

0 rows here require auditable proof before promotion.

19 rows with no attached evidence

0 rows have source counts but still need direct links.

Conversation

support

Razorfrog Web Design resolved

I’m seeing alerts in WordFence and Patchstack for this plugin: https://patchstack.com/database/vulnerability/media-library-helper/wordpress-media-library-helper-by-codexin-plugin-1-2-0-cross-site-request-forgery-csrf Please fix, thank you! Also getting same from Wordfence… Following… I’m getting the same vulnerability message from Malcare and I will have the plugin disabled untill it is fixed. Thank you for escalating the concerns to us. While our initial investigation has not revealed any such vulnerabilities, rest assured, we’re conducting a more comprehensive examination to ensure the utmost security. Should we detect the reported vulnerability, we will promptly apply the necessary patches. Your vigilance is much appreciated. Thank you Codexin. Your efforts are appreciated. Looking forward to a resolution. Your plugin is wonderful! We are pleased to announce that we have addressed the security issue mentioned earlier and resolved the problematic component successfully. Furthermore, we’ve enhanced the plugin further for code optimization and efficiency. Kindly update the plugin to the latest version, 1.3.0. We sincerely appreciate your continued support and patience. Good to hear. Thanks! So happy to hear this! We love Media Library Helper.

Commercial Context

Opportunity

content publishing operations

Media Library publishing workflow assurance for keeping publishing, media, and editorial handoffs consistent

Buyer: publishers, content teams, and agencies

Wedge: check media library publishing, media, metadata, and editorial handoffs before content goes live

Proof Blocked card complete market

Analysis

heuristic-v1

Summary: Vulnerable to Cross Site Request Forgery (CSRF): users show security, bugs, performance pain that may indicate a product gap.

Evidence quote: Vulnerable to Cross Site Request Forgery (CSRF) I’m seeing alerts in WordFence and Patchstack for this plugin: https://patchstack.com/database/vulnerability/media-library-helper/wordpress-media-library-helper-by-codexin-plugin-1-2-0-cross-site-request-forgery-csrf Please fix, thank you!

Affected feature: security

security bugs performance support

Plugin

API

Media Library Helper — Bulk edit image ALT, caption & description

10.0K active installs · 154.9K downloads · rating 98.0

alt tag bulk edit image caption media library seo

Comments

7 shown

crzyhrse 2023-07-13T01:52:00+00:00

Also getting same from Wordfence… Following…

sanyimo 2023-07-19T14:43:00+00:00

I’m getting the same vulnerability message from Malcare and I will have the plugin disabled untill it is fixed.

Codexin Technologies 2023-07-26T12:07:00+00:00

Thank you for escalating the concerns to us. While our initial investigation has not revealed any such vulnerabilities, rest assured, we’re conducting a more comprehensive examination to ensure the utmost security. Should we detect the reported vulnerability, we will promptly apply the necessary patches. Your vigilance is much appreciated.

douvan 2023-08-03T16:01:00+00:00

Thank you Codexin. Your efforts are appreciated. Looking forward to a resolution. Your plugin is wonderful!

Codexin Technologies 2023-09-22T22:41:00+00:00

We are pleased to announce that we have addressed the security issue mentioned earlier and resolved the problematic component successfully. Furthermore, we’ve enhanced the plugin further for code optimization and efficiency. Kindly update the plugin to the latest version, 1.3.0. We sincerely appreciate your continued support and patience.

Ruben 2023-09-23T16:48:00+00:00

Good to hear. Thanks!

amandachestnutherbs 2023-09-28T19:30:00+00:00

So happy to hear this! We love Media Library Helper.