5 matches found
CVE-2024-13504
The Shared Files – Frontend File Upload Form & Secure File Sharing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via dfxp File uploads in all versions up to, and including, 1.7.42 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2024-13504
creationtimestamp| type| source ---|---|--- 2025-01-31 05:38:18+00:00| seen| https://infosec.exchange/users/cve/statuses/113921353183294059 2025-01-31 06:16:31+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgzdxx6nbt2r 2025-01-31 07:24:02+00:00|...
CVE-2024-13504 Shared Files – Frontend File Upload Form & Secure File Sharing <= 1.7.42 - Limited Unauthenticated Stored Cross-Site Scripting via File Upload
The Shared Files – Frontend File Upload Form & Secure File Sharing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via dfxp File uploads in all versions up to, and including, 1.7.42 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2024-13504
CVE-2024-13504 relates to the Shared Files – Frontend File Upload Form & Secure File Sharing WordPress plugin (versions up to 1.7.42). The vulnerability is a stored XSS via dfxp file uploads caused by insufficient input sanitization and output escaping, affecting Apache-based environments. Exploi...
CVE-2024-13504 Shared Files – Frontend File Upload Form & Secure File Sharing <= 1.7.42 - Limited Unauthenticated Stored Cross-Site Scripting via File Upload
The Shared Files – Frontend File Upload Form & Secure File Sharing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via dfxp File uploads in all versions up to, and including, 1.7.42 due to insufficient input sanitization and output escaping. This makes it possible for...