: Versions 1.0.1 and earlier allowed Remote File Inclusion (RFI) via the php_root_path parameter.
systemctl stop xshare.service mv /opt/xshare/old /opt/xshare/current systemctl start xshare.service xshare 299103 patched
: Unauthenticated attackers can reset the plugin's settings by tricking an administrator into clicking a malicious link. : Versions 1
# 1️⃣ Download the signed package curl -O https://downloads.xshare.io/releases/299103/xshare-299103.tar.gz curl -O https://downloads.xshare.io/releases/299103/SHASUMS256.txt.asc gpg --verify SHASUMS256.txt.asc SHASUMS256.txt # Verify signature For years, we’ve relied on the convenience of
Alternatively, run the built-in vulnerability scanner (added in the patch): xshare-cli --audit If the output returns [CRITICAL] CVE-2025-1198: Unpatched , you need to install immediately.
For years, we’ve relied on the convenience of "tap and share." Whether you are using XShare on Infinix devices
: Patched versions may attempt to streamline the intuitive interface to reduce lag and speed up the "QR code matching" process.