Lucene search

K
cvelistWPScanCVELIST:CVE-2021-24736
HistoryOct 18, 2021 - 1:46 p.m.

CVE-2021-24736 Shared Files < 1.6.57 - Admin+ Stored Cross-Site Scripting

2021-10-1813:46:06
CWE-79
WPScan
www.cve.org

0.001 Low

EPSS

Percentile

24.8%

The Easy Download Manager and File Sharing Plugin with frontend file upload – a better Media Library — Shared Files WordPress plugin before 1.6.57 does not sanitise and escape some of its settings before outputting them in attributes, which could lead to Stored Cross-Site Scripting issues.

CNA Affected

[
  {
    "product": "Easy Download Manager and File Sharing Plugin with frontend file upload – a better Media Library — Shared Files",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThan": "1.6.57",
        "status": "affected",
        "version": "1.6.57",
        "versionType": "custom"
      }
    ]
  }
]

0.001 Low

EPSS

Percentile

24.8%

Related for CVELIST:CVE-2021-24736