3 matches found
CVE-2025-14293
CVE-2025-14293 : WP Job Portal for WordPress suffers an Authenticated Arbitrary File Read in all versions up to 2.4.0 via the downloadCustomUploadedFile function. Exploitation requires Subscriber+ level access . Impact is exposure of sensitive server files; the Wordfence vulnerability report list...
CVE-2025-14293 WP Job Portal <= 2.4.0 - Authenticated (Subscriber+) Arbitrary File Read
The WP Job Portal plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 2.4.0 via the 'downloadCustomUploadedFile' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary file...
WordPress plugin WP Job Portal 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. An arbitrary file read vulnerability exists in WordPress Wp Job Portal, which stems from improper handling of the downloadCustomUploadedFile function, and can be exploited ...