cleantalk
Vulnerabilities and Security Researches

Shared Files – Advanced File Sharing & Download Manager with Frontend Uploads & Lead Generation, CVE-2021-24736

CVE, Research URL

CVE-2021-24736

Home page URL

Security reports for Shared Files – Advanced File Sharing & Download Manager with Frontend Uploads & Lead Generation

Application

Shared Files – Advanced File Sharing & Download Manager with Frontend Uploads & Lead Generation

Published on
Oct 18, 2021
Research Description
The Easy Download Manager and File Sharing Plugin with frontend file upload – a better Media Library — Shared Files WordPress plugin before 1.6.57 does not sanitise and escape some of its settings before outputting them in attributes, which could lead to Stored Cross-Site Scripting issues.
Affected versions
Min -, max 1.7.1.
Status
vulnerable
Previous vulnerability researches
Shared Files – Advanced File Sharing & Download Manager with Frontend Uploads & Lead Generation (CVE-2024-43230) , Aug 13, 2024
Shared Files – Advanced File Sharing & Download Manager with Frontend Uploads & Lead Generation (CVE-2022-4974) , Nov 14, 2024
Shared Files – Advanced File Sharing & Download Manager with Frontend Uploads & Lead Generation (CVE-2021-24856) , Jun 07, 2024
Shared Files – Advanced File Sharing & Download Manager with Frontend Uploads & Lead Generation (CVE-2021-24736) , Jun 07, 2024
Shared Files – Advanced File Sharing & Download Manager with Frontend Uploads & Lead Generation (CVE-2023-4819) , Jun 07, 2024
New vulnerability
The Plus Addons for Elementor (CVE-2025-49076) , Jun 06, 2025
WP Pipes (CVE-2025-48267) , Jun 06, 2025
Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, (CVE-2025-5292) , Jun 06, 2025
Newsletters (CVE-2025-4857) , Jun 06, 2025
Royal Elementor Addons and Templates (CVE-2025-3813) , Jun 06, 2025