149 matches found
CVE-2024-34438
Missing Authorization vulnerability in Anssi Laitila Shared Files shared-files.This issue affects Shared Files: from n/a through = 1.7.19...
CVE-2024-34438
Missing Authorization vulnerability in Anssi Laitila Shared Files shared-files.This issue affects Shared Files: from n/a through = 1.7.19...
CVE-2024-34438 WordPress Shared Files plugin <= 1.7.19 - Broken Access Control vulnerability
Missing Authorization vulnerability in Anssi Laitila Shared Files shared-files.This issue affects Shared Files: from n/a through = 1.7.19...
CVE-2024-34438 WordPress Shared Files plugin <= 1.7.19 - Broken Access Control vulnerability
Missing Authorization vulnerability in Anssi Laitila Shared Files shared-files.This issue affects Shared Files: from n/a through = 1.7.19...
PT-2026-21025
Name of the Vulnerable Software and Affected Versions Shared Files versions through 1.7.19 Description A missing authorization flaw exists in Anssi Laitila Shared Files shared-files. The issue impacts the application's ability to properly restrict access to resources. Recommendations Update to a...
WordPress plugin Shared Files 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CVE-2023-4819
The Shared Files WordPress plugin before 1.7.6 does not return the right Content-Type header for the specified uploaded file. Therefore, an attacker can upload an allowed file extension injected with malicious scripts...
CVE-2025-15065
Exposure of Sensitive Information to an Unauthorized Actor, Missing Encryption of Sensitive Data, Files or Directories Accessible to External Parties vulnerability in Kings Information & Network Co. KESS Enterprise on Windows allows Privilege Escalation, Modify Existing Service, Modify Shared...
CVE-2025-15065
Exposure of Sensitive Information to an Unauthorized Actor, Missing Encryption of Sensitive Data, Files or Directories Accessible to External Parties vulnerability in Kings Information & Network Co. KESS Enterprise on Windows allows Privilege Escalation, Modify Existing Service, Modify Shared...
CVE-2025-63419
Cross Site Scripting XSS vulnerability in CrushFTP 11.3.648. The Web-Based Server has a feature where users can share files, the feature reflects the filename to an emailbody field with no sanitations leading to HTML Injection...
EUVD-2013-2114
Malware in sbrugna...
EUVD-2024-30466
Malicious code in bioql PyPI...
EUVD-2024-40124
Malicious code in bioql PyPI...
Improper Access Control
github.com/filebrowser/filebrowser is vulnerable to Improper Access Control. The vulnerability is due to an error-prone implementation of password-protected links, which allows an attacker to access shared files without authentication through direct download links obtained from browser history or...
WordPress Shared Files Plugin Cross-Site Scripting Vulnerability
WordPress and WordPress Plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress Shared Files Plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data,...
WordPress plugin Shared Files 跨站脚本漏洞
WordPress and WordPress Plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress Shared Files Plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data,...
CVE-2024-32679
Missing Authorization vulnerability in Anssi Laitila Shared Files shared-files.This issue affects Shared Files: from n/a through = 1.7.16...
CVE-2024-43230
Insertion of Sensitive Information Into Sent Data vulnerability in Anssi Laitila Shared Files shared-files.This issue affects Shared Files: from n/a through = 1.7.28...
CVE-2021-24856
The Shared Files WordPress plugin before 1.6.61 does not sanitise and escape the Download Counter Text settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
CVE-2024-13504
The Shared Files – Frontend File Upload Form & Secure File Sharing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via dfxp File uploads in all versions up to, and including, 1.7.42 due to insufficient input sanitization and output escaping. This makes it possible for...