CVE-2021-24736

Summary

The Easy Download Manager and File Sharing Plugin with frontend file upload – a better Media Library — Shared Files WordPress plugin before 1.6.57 does not sanitise and escape some of its settings before outputting them in attributes, which could lead to Stored Cross-Site Scripting issues.

Affected Software

VendorProductVersion RangeStatus
UnknownEasy Download Manager and File Sharing Plugin with frontend file upload – a better Media Library — Shared Files1.6.57 < 1.6.57affected

Weaknesses

  • CWE-79: CWE-79 Cross-site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References