149 matches found
CVE-2026-49112
Unauthenticated Path Traversal in Shared Files = 1.7.64 versions...
EUVD-2026-36886
Unauthenticated Path Traversal in Shared Files = 1.7.64 versions...
CVE-2026-49112
CVE-2026-49112: Unauthenticated Path Traversal in WordPress Shared Files plugin
CVE-2026-49112 WordPress Shared Files plugin <= 1.7.64 - Path Traversal vulnerability
Unauthenticated Path Traversal in Shared Files = 1.7.64 versions...
PT-2026-49116
Name of the Vulnerable Software and Affected Versions Shared Files versions prior to 1.7.65 Description An unauthenticated path traversal issue exists, allowing an attacker to access files and directories outside the intended folder on the server. Recommendations Update to a version newer than...
WordPress Shared Files plugin <= 1.7.64 - Path Traversal vulnerability
Path Traversal vulnerability discovered by kai63001 in WordPress Plugin Shared Files versions = 1.7.64...
WordPress Shared Files plugin < 1.7.58 - Contributor+ Arbitrary File Download vulnerability
Contributor+ Arbitrary File Download vulnerability discovered by Muhammad Rohan khan in WordPress Plugin Shared Files versions 1.7.58...
EUVD-2025-209042
The Shared Files WordPress plugin before 1.7.58 allows users with a role as low as Contributor to download any file on the web server such as wp-config.php via a path traversal vector...
CVE-2025-15433 Shared Files < 1.7.58 - Contributor+ Arbitrary File Download
The Shared Files WordPress plugin before 1.7.58 allows users with a role as low as Contributor to download any file on the web server such as wp-config.php via a path traversal vector...
CVE-2025-15433
The Shared Files WordPress plugin before 1.7.58 allows users with a role as low as Contributor to download any file on the web server such as wp-config.php via a path traversal vector...
CVE-2025-15433 Shared Files < 1.7.58 - Contributor+ Arbitrary File Download
The Shared Files WordPress plugin before 1.7.58 allows users with a role as low as Contributor to download any file on the web server such as wp-config.php via a path traversal vector...
CVE-2025-15433
The Shared Files WordPress plugin, versions before 1.7.58, is affected by a path traversal vulnerability that allows users with a role as low as Contributor to arbitrarily download any file on the web server (e.g., wp-config.php). Root cause: improper validation in file download logic. Affected p...
WordPress plugin Shared Files 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-28212
The Shared Files WordPress plugin before 1.7.58 allows users with a role as low as Contributor to download any file on the web server such as wp-config.php via a path traversal vector...
CVE-2026-33370
An issue was discovered in Zimbra Collaboration ZCS 10.0 and 10.1. A stored cross-site scripting XSS vulnerability exists in the Zimbra Briefcase feature due to insufficient sanitization of specific uploaded file types. When a user opens a publicly shared Briefcase file containing malicious...
CVE-2026-33370
CVE-2026-33370 : In Zimbra Collaboration (ZCS) 10.0 and 10.1, the Briefcase feature is affected by a stored XSS due to insufficient sanitization of specific uploaded file types. When a user opens a publicly shared Briefcase file containing malicious scripts, the embedded JavaScript can execute in...
CVE-2026-33370
An issue was discovered in Zimbra Collaboration ZCS 10.0 and 10.1. A stored cross-site scripting XSS vulnerability exists in the Zimbra Briefcase feature due to insufficient sanitization of specific uploaded file types. When a user opens a publicly shared Briefcase file containing malicious...
EUVD-2026-8594
FileBrowser Quantum: Password Protection Not Enforced on Shared File Links...
CVE-2026-27611
FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to versions 1.1.3-stable and 1.2.6-beta, when users share password-protected files, the recipient can completely bypass the password and still download the file. This happens because the API returns a direct download link i...
FileBrowser 安全漏洞
FileBrowser is a web-based file browser developed by Seagate as open source software. It provides an interface for managing files within specified directories, allowing actions such as uploading, deleting, previewing, renaming, and editing files. It supports multiple users, with each user having...