Back to search
CVE-2023-4819
Published: Oct 16, 2023
Modified: Apr 23, 2025
PUBLISHED
Description
The Shared Files WordPress plugin before 1.7.6 does not return the right Content-Type header for the specified uploaded file. Therefore, an attacker can upload an allowed file extension injected with malicious scripts.
| Vendor | Product | Versions |
|---|---|---|
Unknown | Shared Files | affected 0 - < 1.7.6 |
References
https://wpscan.com/vulnerability/4423b023-cf4a-46cb-b314-7a09ac08b29a
exploit
vdb-entry
technical-description
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now