Lucene search
K

4 matches found

CVE
CVE
added 2025/06/03 9:22 a.m.59 views

CVE-2025-4392

The CVE-2025-4392 entry concerns the WordPress plugin Shared Files – Frontend File Upload Form & Secure File Sharing. Affected versions: up to 1.7.48. Root cause: insufficient input sanitization and output escaping in the sanitize_file() function, allowing unauthenticated stored XSS via html file...

7.2CVSS6.3AI score0.00305EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/06/03 9:22 a.m.22 views

CVE-2025-4392 Shared Files <= 1.7.48 - Unauthenticated Stored Cross-Site Scripting via sanitize_file Function

The Shared Files – Frontend File Upload Form & Secure File Sharing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via html File uploads in all versions up to, and including, 1.7.48 due to insufficient input sanitization and output escaping within the sanitizefile function. This...

7.2CVSS0.00305EPSS
Exploits0References4
Circl
Circl
added 2025/06/03 5:7 a.m.18 views

CVE-2025-4392

creationtimestamp| type| source ---|---|--- 2025-06-03 05:07:12+00:00| seen| https://bsky.app/profile/undercode.bsky.social/post/3lqojh7urjl2q...

7.2CVSS7.3AI score0.00305EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/06/02 9:15 p.m.9 views

WordPress Shared Files plugin <= 1.7.48 - Unauthenticated Stored Cross-Site Scripting via sanitize_file Function vulnerability

Unauthenticated Stored Cross-Site Scripting via sanitizefile Function vulnerability discovered by Martin Martin in WordPress Plugin Shared Files versions = 1.7.48...

7.2CVSS5.5AI score0.00305EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder