← back
CVE-2023-5906

Job Manager & Career < 1.4.4 - Directory listing to Sensitive Data Exposure

EPSS 0.8%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 0.8%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
27 Nov 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The Job Manager & Career WordPress plugin before 1.4.4 contains a vulnerability in the Directory Listings system, which allows an unauthorized user to view and download private files of other users. This vulnerability poses a serious security threat because it allows an attacker to gain access to confidential data and files of other users without their permission.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →