CVE-2022-2558

Exploit

EPSS 0.44%
Veröffentlicht 22.08.2022 15:15:15
Zuletzt bearbeitet 21.11.2024 07:01:14
Quelle contact@wpscan.com
CVE-Watchlists
Login
Unerledigt
Login

Simple Job Board <= 2.9.6 - Information Disclosure

The Simple Job Board WordPress plugin before 2.10.0 is susceptible to Directory Listing which allows the public listing of uploaded resumes in certain configurations.

Mögliche Gegenmaßnahme

Simple Job Board: Update to version 2.9.10, or a newer patched version

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

Weitere Schwachstelleninformationen

SystemWordPress Plugin

≫

Produkt Simple Job Board

Version *-2.9.6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Presstigers ≫ Simple Job Board SwPlatformwordpress Version < 2.10.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.44%	0.627

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

https://wpscan.com/vulnerability/6e096269-eedc-4614-88ce-6795c4adf32f

Third Party Advisory

Exploit

https://www.wordfence.com/threat-intel/vulnerabilities/id/838ccf02-2b01-42f8-b5bf-6fafbb2db673

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-2558

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-2558

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-2558

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2022-2558