CVE-2020-35749
The CVE-2020-35749 issue affects WordPress Simple Job Board plugin versions prior to 2.9.4. It allows an authenticated user with the download_resume capability to exploit an LFI (local file inclusion) by not validating the sjb_file parameter when viewing a resume, enabling reading arbitrary serve...