Medium 6.8
2026-03-30< 1.7.58
Shared Files – Frontend File Upload Form & Secure File Sharing < 1.7.58 - Authenticated (Contributor+) Arbitrary File Download
Shared Files – Frontend File Upload Form & Secure File Sharing
Minimum safe version
1.7.58
Update to 1.7.58 or later to address 14 fixable vulnerabilities
Latest available1.7.64 ✓
High 7.2
2025-06-03< 1.7.49
Shared Files <= 1.7.48 - Unauthenticated Stored Cross-Site Scripting via sanitize_file Function
High 7.2
2025-01-31< 1.7.43
CVE-2024-13504
Medium 6.3
2024-10-16< 1.6.72
Freemius SDK <= 2.4.2 - Missing Authorization Checks
Medium 5.3
2024-08-26< 1.7.29
CVE-2024-43230
Medium 5.3
2026-02-20< 1.7.20
CVE-2024-34438
Medium 5.3
2024-04-23< 1.7.17
CVE-2024-32679
Medium 6.1
2023-10-17< 1.7.6
WordPress Shared Files Plugin < 1.7.6 is vulnerable to Cross Site Scripting (XSS)
N/A
2023-07-18< 1.7.1
WordPress Shared Files Plugin < 1.7.1 is vulnerable to Cross Site Scripting (XSS)
N/A
2022-03-04< 1.6.72
Freemius SDK <= 2.4.2 - Missing Authorization Checks
N/A
2022-02-28< 1.6.72
WordPress Shared Files plugin < 1.6.72 - Sensitive Information Disclosure vulnerability
N/A
2022-02-28< 1.6.72
WordPress Shared Files plugin < 1.6.72 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Medium 4.8
2021-10-18< 1.6.72
CVE-2021-24736
Medium 4.8
2021-11-17< 1.6.72
CVE-2021-24856