CVE-2021-24736

CVE-2021-24736: Shared Files < 1.6.57 - Admin+ Stored Cross-Site Scripting

Vendor Unknown
Product Easy Download Manager and File Sharing Plugin with frontend file upload – a better Media Library — Shared Files
Weakness CWE-79 · XSS
Published October 18, 2021
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

The Easy Download Manager and File Sharing Plugin with frontend file upload – a better Media Library — Shared Files WordPress plugin before 1.6.57 does not sanitise and escape some of its settings before outputting them in attributes, which could lead to Stored Cross-Site Scripting issues.

Key dates

02Disclosure timeline

October 18, 2021 CVE published
August 3, 2024 Record updated