CVE-2025-28949 – WordPress Mediabay – WordPress Media Library Folders

CVE ID : CVE-2025-28949

Published : Dec. 31, 2025, 8 p.m. | 24 minutes ago

Description : Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Codedraft Mediabay – WordPress Media Library Folders allows Blind SQL Injection.This issue affects Mediabay – WordPress Media Library Folders: from n/a through 1.4.

Severity: 8.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…