Lucene search
WPScanCVE-2022-2544HistoryAug 22, 2022 - 3:15 p.m.
CVE-2022-2544
2022-08-2215:15:15
CWE-425
WPScan
web.nvd.nist.gov
48
4
cve-2022-2544
ninja job board
wordpress plugin
directory listing
unauthenticated
security vulnerability
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.011
Percentile
84.5%
The Ninja Job Board WordPress plugin before 1.3.3 does not protect the directory where it stores uploaded resumes, making it vulnerable to unauthenticated Directory Listing which allows the download of uploaded resumes.
Affected configurations
Node
wpmanageninjaninja_job_boardRange<1.3.3wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| wpmanageninja | ninja_job_board | * | cpe:2.3:a:wpmanageninja:ninja_job_board:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"product": "Ninja Job Board – Ultimate WordPress Job Board Plugin",
"vendor": "Unknown",
"versions": [
{
"lessThan": "1.3.3",
"status": "affected",
"version": "1.3.3",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
wpexploit
wpexploit
Ninja Job Board < 1.3.3 - Resume Disclosure via Directory Listing
2022-08-01 00:00:00
nvd
nvd
CVE-2022-2544
2022-08-22 15:15:15
wpvulndb
wpvulndb
Ninja Job Board < 1.3.3 - Resume Disclosure via Directory Listing
2022-08-01 00:00:00
nuclei
nuclei
WordPress Ninja Job Board < 1.3.3 - Direct Request
2022-09-16 22:38:40
patchstack
patchstack
prion
prion
Design/Logic Flaw
2022-08-22 15:15:00
cvelist
cvelist
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.011
Percentile
84.5%
Related for CVE-2022-2544