Lucene search

K
wpexploitDaniel RufWPEX-ID:A9BCC68C-EEDA-4647-8463-E7E136733053
HistoryAug 01, 2022 - 12:00 a.m.

Ninja Job Board < 1.3.3 - Resume Disclosure via Directory Listing

2022-08-0100:00:00
Daniel Ruf
73

0.011 Low

EPSS

Percentile

84.7%

The plugin does not protect the directory where it stores uploaded resumes, making it vulnerable to unauthenticated Directory Listing which allows the download of uploaded resumes.

curl https://example.com/wp-content/uploads/wpjobboard

Search for this path / folder in search engines to find uploaded resumes.

0.011 Low

EPSS

Percentile

84.7%

Related for WPEX-ID:A9BCC68C-EEDA-4647-8463-E7E136733053