Lucene search
K

149 matches found

RedhatCVE
RedhatCVE
added 2026/02/21 7:29 p.m.5 views

CVE-2024-34438

Missing Authorization vulnerability in Anssi Laitila Shared Files shared-files.This issue affects Shared Files: from n/a through = 1.7.19...

5.3CVSS5.5AI score0.00255EPSS
Exploits0References1
NVD
NVD
added 2026/02/20 4:21 p.m.4 views

CVE-2024-34438

Missing Authorization vulnerability in Anssi Laitila Shared Files shared-files.This issue affects Shared Files: from n/a through = 1.7.19...

5.3CVSS0.00255EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/20 3:46 p.m.2 views

CVE-2024-34438 WordPress Shared Files plugin <= 1.7.19 - Broken Access Control vulnerability

Missing Authorization vulnerability in Anssi Laitila Shared Files shared-files.This issue affects Shared Files: from n/a through = 1.7.19...

5.3CVSS5.9AI score0.00255EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/20 3:46 p.m.22 views

CVE-2024-34438 WordPress Shared Files plugin <= 1.7.19 - Broken Access Control vulnerability

Missing Authorization vulnerability in Anssi Laitila Shared Files shared-files.This issue affects Shared Files: from n/a through = 1.7.19...

5.3CVSS0.00255EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/20 12:0 a.m.6 views

PT-2026-21025

Name of the Vulnerable Software and Affected Versions Shared Files versions through 1.7.19 Description A missing authorization flaw exists in Anssi Laitila Shared Files shared-files. The issue impacts the application's ability to properly restrict access to resources. Recommendations Update to a...

5.2AI score0.00255EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/20 12:0 a.m.9 views

WordPress plugin Shared Files 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3CVSS5.8AI score0.00255EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:32 p.m.9 views

CVE-2023-4819

The Shared Files WordPress plugin before 1.7.6 does not return the right Content-Type header for the specified uploaded file. Therefore, an attacker can upload an allowed file extension injected with malicious scripts...

6.1CVSS6.8AI score0.0042EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/12/30 1:2 a.m.7 views

CVE-2025-15065

Exposure of Sensitive Information to an Unauthorized Actor, Missing Encryption of Sensitive Data, Files or Directories Accessible to External Parties vulnerability in Kings Information & Network Co. KESS Enterprise on Windows allows Privilege Escalation, Modify Existing Service, Modify Shared...

8.6CVSS6.8AI score0.00046EPSS
Exploits0References1
NVD
NVD
added 2025/12/29 1:15 a.m.5 views

CVE-2025-15065

Exposure of Sensitive Information to an Unauthorized Actor, Missing Encryption of Sensitive Data, Files or Directories Accessible to External Parties vulnerability in Kings Information & Network Co. KESS Enterprise on Windows allows Privilege Escalation, Modify Existing Service, Modify Shared...

8.6CVSS0.00046EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/12 12:0 a.m.2 views

CVE-2025-63419

Cross Site Scripting XSS vulnerability in CrushFTP 11.3.648. The Web-Based Server has a feature where users can share files, the feature reflects the filename to an emailbody field with no sanitations leading to HTML Injection...

5.5AI score0.002EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2013-2114

Malware in sbrugna...

3.5CVSS6.1AI score0.01152EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-30466

Malicious code in bioql PyPI...

5.3CVSS6.4AI score0.00385EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-40124

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.0037EPSS
Exploits0References1
Veracode
Veracode
added 2025/07/02 6:3 a.m.6 views

Improper Access Control

github.com/filebrowser/filebrowser is vulnerable to Improper Access Control. The vulnerability is due to an error-prone implementation of password-protected links, which allows an attacker to access shared files without authentication through direct download links obtained from browser history or...

4.3CVSS7.2AI score0.00312EPSS
Exploits1References4Affected Software2
CNVD
CNVD
added 2025/06/11 12:0 a.m.2 views

WordPress Shared Files Plugin Cross-Site Scripting Vulnerability

WordPress and WordPress Plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress Shared Files Plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data,...

7.2CVSS6.5AI score0.00305EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/03 12:0 a.m.2 views

WordPress plugin Shared Files 跨站脚本漏洞

WordPress and WordPress Plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress Shared Files Plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data,...

7.2CVSS6AI score0.00305EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 10:19 a.m.8 views

CVE-2024-32679

Missing Authorization vulnerability in Anssi Laitila Shared Files shared-files.This issue affects Shared Files: from n/a through = 1.7.16...

5.3CVSS5.9AI score0.00385EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:41 a.m.4 views

CVE-2024-43230

Insertion of Sensitive Information Into Sent Data vulnerability in Anssi Laitila Shared Files shared-files.This issue affects Shared Files: from n/a through = 1.7.28...

7.5CVSS5.9AI score0.0037EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:25 p.m.8 views

CVE-2021-24856

The Shared Files WordPress plugin before 1.6.61 does not sanitise and escape the Download Counter Text settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS5.9AI score0.00647EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/02/04 11:55 p.m.3 views

CVE-2024-13504

The Shared Files – Frontend File Upload Form & Secure File Sharing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via dfxp File uploads in all versions up to, and including, 1.7.42 due to insufficient input sanitization and output escaping. This makes it possible for...

7.2CVSS5.2AI score0.00372EPSS
Exploits0References1
Rows per page
Query Builder