CVE-2023-4819 – Shared Files < 1.7.6 - Unauthenticated Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2023-4819
The Shared Files WordPress plugin before 1.7.6 does not return the right Content-Type header for the specified uploaded file. Therefore, an attacker can upload an allowed file extension injected with malicious scripts. El complemento Shared Files de WordPress anterior a 1.7.6 no devuelve el encabezado de tipo de contenido correcto para el archivo cargado especificado. Por lo tanto, un atacante puede cargar una extensión de archivo permitida inyectada con scripts maliciosos. The Shared Files – Advanced File Sharing & Download Manager with Frontend Uploads plugin for WordPress is vulnerable to Stored Cross-Site Scripting via uploaded file content in all versions up to, and including, 1.7.5 due to the plugin not returning the correct 'Content-Type' header when viewing uploaded files. • https://wpscan.com/vulnerability/4423b023-cf4a-46cb-b314-7a09ac08b29a • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-24856 – Shared Files < 1.6.61 - Admin+ Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2021-24856
The Shared Files WordPress plugin before 1.6.61 does not sanitise and escape the Download Counter Text settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed El plugin Shared Files de WordPress versiones anteriores a 1.6.61, no sanea ni escapa de la configuración del texto del contador de descargas, que podría permitir a usuarios con altos privilegios llevar a cabo ataques de tipo Cross-Site Scripting incluso cuando la capacidad unfiltered_html no está permitida • https://mikadmin.fr/tech/XSS-Stored-Shared-Files-a837703ad010d111be11ffdf478aa6114F0lK656bV.pdf https://wpscan.com/vulnerability/8fd483fb-d399-4b4f-b4ef-bbfad1b5cf1b • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-24736 – Shared Files < 1.6.57 - Admin+ Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2021-24736
The Easy Download Manager and File Sharing Plugin with frontend file upload – a better Media Library — Shared Files WordPress plugin before 1.6.57 does not sanitise and escape some of its settings before outputting them in attributes, which could lead to Stored Cross-Site Scripting issues. El plugin Easy Download Manager and File Sharing Plugin with frontend file upload - a better Media Library - Shared Files de WordPress versiones anteriores a 1.6.57, no sanea y escapa de algunas de sus configuraciones antes de mostrarlas en los atributos, que podría conllevar a problemas de tipo Cross-Site Scripting Almacenado • https://wpscan.com/vulnerability/d72275bd-0c66-4b2a-940d-d5256b5426cc • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •