Job Manager & Career < 1.4.4 – Directory listing to Sensitive Data Exposure | CVE 2023-5906

Description

The plugin contains a vulnerability in the Directory Listings system, which allows an unauthorized user to view and download private files of other users. This vulnerability poses a serious security threat because it allows an attacker to gain access to confidential data and files of other users without their permission.

Proof of Concept

http://your_site/wordpress/wp-content/uploads/thjmf_uploads

Affects Plugins

job-manager-career

Fixed in 1.4.4

References

CVE

CVE-2023-5906

Classification

Type

SENSITIVE DATA DISCLOSURE

OWASP top 10

A3: Sensitive Data Exposure

CWE

CWE-200

CVSS

7.5 (high)

Miscellaneous

Original Researcher

Dmitrii Ignatyev

Submitter

Dmitrii Ignatyev

Submitter website

https://research.cleantalk.org

Verified

Yes

WPVDB ID

911d495c-3867-4259-a73a-572cd4fccdde

Timeline

Publicly Published

2023-11-06 (about 6 months ago)

Added

2023-11-06 (about 6 months ago)

Last Updated

2023-11-06 (about 6 months ago)

Other

Published

Title

Published

2023-12-06

Title

WP Staging (Free < 3.1.3, Pro < 5.1.3) - Unauthenticated Backup Download

Published

2024-04-24

Title

Essential Addons for Elementor < 5.9.16 - Information Exposure

Published

2022-09-22

Title

Customer Reviews for WooCommerce < 5.3.6 - Unauthenticated Sensitive Information Disclosure

Published

2023-12-18

Title

BackWPup < 4.0.4 - Unauthenticated Backup Download

Published

2024-03-12

Title

Post Grid Combo – 36+ Gutenberg Blocks < 2.2.69 - Information Exposure via get_posts API Endpoint