Really Simple Security logo

Log out
Get PRO

Latest

Access violation vulnerability in WordPress File Sharing Plugin 2.0.5

  • Severity: medium-risk
  • Status: Fixed
  • Publication: October 11, 2023

The WordPress File Sharing Plugin is a tool for WordPress websites that allows users to share files. Unfortunately, there is a security flaw in all versions of the plugin up to version 2.0.5. This flaw allows unauthenticated attackers to access files and folders that belong to other users. This is due to a missing validation on a user-controlled key.

Detected in:

File Sharing & Download Manager – User Private Files fixed vulnerable versions:
User Private Files – File Upload & Download Manager with Secure File Sharing fixed vulnerable versions:
User Private Files – Upload and Share Files with Secure WordPress File Manager fixed vulnerable versions:
User Private Files – Upload Documents & Secure File Sharing with Frontend File Manager fixed vulnerable versions:
User Private Files – WordPress File Sharing Plugin fixed vulnerable versions:
WordPress File Sharing Plugin fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.