Back to search
CVE-2023-4933
Published: Oct 16, 2023
Modified: Aug 2, 2024
PUBLISHED
Description
The WP Job Openings WordPress plugin before 3.4.3 does not block listing the contents of the directories where it stores attachments to job applications, allowing unauthenticated visitors to list and download private attachments if the autoindex feature of the web server is enabled.
| Vendor | Product | Versions |
|---|---|---|
Unknown | WP Job Openings | affected 0 - < 3.4.3 |
References
https://wpscan.com/vulnerability/882f6c36-44c6-4273-81cd-2eaaf5e81fa7
exploit
vdb-entry
technical-description
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now