The Easy Download Manager and File Sharing Plugin with frontend file upload – a better Media Library — Shared Files WordPress plugin before 1.6.57 does not sanitise and escape some of its settings before outputting them in attributes, which could lead to Stored Cross-Site Scripting issues.
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/d72275bd-0c66-4b2a-940d-d5256b5426cc | Exploit Third Party Advisory |
Configurations
History
07 Nov 2023, 03:31
Type | Values Removed | Values Added |
---|---|---|
Summary | The Easy Download Manager and File Sharing Plugin with frontend file upload – a better Media Library — Shared Files WordPress plugin before 1.6.57 does not sanitise and escape some of its settings before outputting them in attributes, which could lead to Stored Cross-Site Scripting issues. |
Information
Published : 2021-10-18 14:15
Updated : 2024-02-28 18:48
NVD link : CVE-2021-24736
Mitre link : CVE-2021-24736
CVE.ORG link : CVE-2021-24736
JSON object : View
Products Affected
tammersoft
- shared_files
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')