cleantalk
Vulnerabilities and Security Researches

Shared Files – Advanced File Sharing & Download Manager with Frontend Uploads & Lead Generation, CVE-2023-4819

CVE, Research URL

CVE-2023-4819

Home page URL

Security reports for Shared Files – Advanced File Sharing & Download Manager with Frontend Uploads & Lead Generation

Application

Shared Files – Advanced File Sharing & Download Manager with Frontend Uploads & Lead Generation

Published on
Oct 17, 2023
Research Description
The Shared Files WordPress plugin before 1.7.6 does not return the right Content-Type header for the specified uploaded file. Therefore, an attacker can upload an allowed file extension injected with malicious scripts.
Affected versions
Min -, max 1.7.6.
Status
vulnerable
Previous vulnerability researches
Shared Files – Advanced File Sharing & Download Manager with Frontend Uploads & Lead Generation (CVE-2024-43230) , Aug 13, 2024
Shared Files – Advanced File Sharing & Download Manager with Frontend Uploads & Lead Generation (CVE-2022-4974) , Nov 14, 2024
Shared Files – Advanced File Sharing & Download Manager with Frontend Uploads & Lead Generation (CVE-2021-24856) , Jun 07, 2024
Shared Files – Advanced File Sharing & Download Manager with Frontend Uploads & Lead Generation (CVE-2021-24736) , Jun 07, 2024
Shared Files – Advanced File Sharing & Download Manager with Frontend Uploads & Lead Generation (CVE-2023-4819) , Jun 07, 2024
New vulnerability
The Plus Addons for Elementor (CVE-2025-49076) , Jun 06, 2025
WP Pipes (CVE-2025-48267) , Jun 06, 2025
Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, (CVE-2025-5292) , Jun 06, 2025
Newsletters (CVE-2025-4857) , Jun 06, 2025
Royal Elementor Addons and Templates (CVE-2025-3813) , Jun 06, 2025