Simple Job Board <= 2.9.6 is vulnerable to Resume Disclosure via Directory Listing

Unauthenticated

Published
2022-07-31

The plugin Simple Job Board for WordPress is vulnerable to Information Disclosure in versions up to, and including, 2.9.6. This makes it possible for attackers do extract sensitive information such as resumes.

CVE

https://www.cve.org/CVERecord?id=CVE-2022-2558

CVSS

Score:5.3

Severity:Medium

Version: 2.9.6

There is a patch available in v2.10.0 and we strongly recommend you update to this version as soon as possible.