# Exploit Title: Wordpress Plugin Media Library Assistant 2.81 - Local File Inclusion  
# Google Dork: N/A  
# Date: 2020-04-13  
# Exploit Author: Daniel Monzón (stark0de)  
# Vendor Homepage:  
# Software Link:  
# Version: 2.81  
# Tested on: Windows 7 x86 SP1  
# CVE : CVE-2020-11731, CVE-2020-11732  
----Local File Inclusion----------------------------  
There is a file inclusion vulnerability in the mla-file-downloader.php file. Example:  
Visiting the above URL would lead to disclosure of the contents of options.php. Note that this vulnerability does not require authentication.  
----Multiple Cross-Site-Scripting-------------------  
There are both reflected and stored cross-site scripting vulnerabilities in almost all Settings/Media Library Assistant tabs, which allow remote authenticated users to execute arbitrary JavaScript.   
Note that this vulnerability requires authentication.  
Tested on Windows 7 Pro SP1 32-bit and Wordpress 5.3.2