CVE-2023-4819
The Shared Files WordPress plugin before 1.7.6 does not return the right Content-Type header for the specified uploaded file. Therefore, an attacker can upload an allowed file extension injected with malicious scripts.
6.1CVSS
6.3AI Score
0.001EPSS