Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpvulndbDmitrii IgnatyevWPVDB-ID:911D495C-3867-4259-A73A-572CD4FCCDDE
HistoryNov 06, 2023 - 12:00 a.m.

Job Manager & Career < 1.4.4 - Directory listing to Sensitive Data Exposure

2023-11-0600:00:00
Dmitrii Ignatyev
wpscan.com
directory listings
unauthorized access
sensitive data exposure
confidential data
security threat

7.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.1%

JSON

Description The plugin contains a vulnerability in the Directory Listings system, which allows an unauthorized user to view and download private files of other users. This vulnerability poses a serious security threat because it allows an attacker to gain access to confidential data and files of other users without their permission.

PoC

http://your_site/wordpress/wp-content/uploads/thjmf_uploads

CPENameOperatorVersion
eq1.4.4

Related

cve 1
wpexploit 1
prion 1
cvelist 1
nvd 1
wordfence 1
cve
cve
CVE-2023-5906
2023-11-27 17:15:09
wpexploit
wpexploit
Job Manager & Career < 1.4.4 - Directory listing to Sensitive Data Exposure
2023-11-06 00:00:00
prion
prion
Design/Logic Flaw
2023-11-27 17:15:00
cvelist
cvelist
CVE-2023-5906 Job Manager & Career < 1.4.4 - Directory listing to Sensitive Data Exposure
2023-11-27 16:21:59
nvd
nvd
CVE-2023-5906
2023-11-27 17:15:09
wordfence
wordfence
Wordfence Intelligence Weekly WordPress Vulnerability Report (November 6, 2023 to November 12, 2023)
2023-11-16 19:16:47

7.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.1%

JSON
Related for WPVDB-ID:911D495C-3867-4259-A73A-572CD4FCCDDE
cve1wpexploit1prion1cvelist1nvd1wordfence1