CVE-2023-4819
The CVE-2023-4819 entry concerns the Shared Files WordPress plugin prior to version 1.7.6. Affected component: the upload handling (Content-Type header) for uploaded files. Root cause: the plugin does not return the correct Content-Type, enabling an attacker to upload an allowed file extension th...
CVE-2021-24736
The CVE-2021-24736 entry concerns the WordPress Shared Files plugin (admin+ stored XSS) prior to version 1.6.57. Connected sources confirm a stored Cross-Site Scripting vulnerability caused by insufficient sanitisation/escaping of certain plugin settings output in HTML attributes, enabling JavaSc...
CVE-2021-24856
CVE-2021-24856 affects WordPress Shared Files plugin versions prior to 1.6.61. The vulnerability is a stored XSS in the Download Counter Text setting caused by insufficient sanitization/escaping, allowing an attacker with high privileges to execute JavaScript in the victim’s browser even when unf...