CVE-2022-2544
published 2022-08-22
Priority: P3 (54)
Severity: high, CVSS 3.1 base score 7.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploit: EPSS 3.16% (86.4th percentile)
The Ninja Job Board WordPress plugin before 1.3.3 does not protect the directory where it stores uploaded resumes, making it vulnerable to unauthenticated Directory Listing which allows the download of uploaded resumes.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| wpmanageninja | ninja_job_board | < 1.3.3 | 1.3.3 |
Detection & IOCs (extracted from sources)
- Detect unauthenticated directory listing of the wpjobboard uploads directory by matching the string 'Index of' in the HTTP response body for the path /wp-content/uploads/wpjobboard/.
- Check for an HTTP 200 response with Content-Type text/html when requesting /wp-content/uploads/wpjobboard/ unauthenticated. Status and content type alone prove nothing (a custom 404 page can answer 200 with HTML); a listing is confirmed only when the 'Index of' marker is also present, and a hit confirms that the upload directory is exposed, not that anyone has already downloaded resumes from it.
- The vulnerable path may be prefixed with /wp/ depending on the WordPress installation layout; probe both /wp/wp-content/uploads/wpjobboard/ and /wp-content/uploads/wpjobboard/, stopping at the first match.
- Only Ninja Job Board versions before 1.3.3 are affected; the fix shipped in changeset 2758420, which updated includes/Classes/File/FileHandler.php.
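The checks above, turned into an offline classifier as an added example (this is not code from the page, the plugin, or the Nuclei template). It applies all three conditions together, walks the two candidate paths in order and stops at the first hit, and then pulls resume-like links out of a positive listing so the analyst sees what is actually exposed. The host names, file names and the resume extension list are assumptions for the example; the sample responses are constructed inline, so nothing is fetched over the network.

```python
from dataclasses import dataclass
from html.parser import HTMLParser
from urllib.parse import urljoin

# Paths from the detection notes, probed in this order; stop at first hit.
# The "/wp/" variant covers installs that keep WordPress in a subdirectory.
CANDIDATE_PATHS = (
    "/wp-content/uploads/wpjobboard/",
    "/wp/wp-content/uploads/wpjobboard/",
)

# Upload types a job board typically accepts (assumption for the example).
RESUME_SUFFIXES = (".pdf", ".doc", ".docx", ".rtf", ".odt", ".txt")


@dataclass
class Response:
    status: int
    content_type: str
    body: str


class _HrefCollector(HTMLParser):
    """Collect href values of <a> tags from an HTML body."""

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            for name, value in attrs:
                if name == "href" and value:
                    self.hrefs.append(value)


def is_directory_listing(resp: Response) -> bool:
    """All three conditions must hold: 200, HTML, and an 'Index of' marker.
    A soft-404 page (status 200, HTML, no marker) must not match, and a 403
    from an index-disabled directory fails on status."""
    if resp.status != 200:
        return False
    if not resp.content_type.lower().startswith("text/html"):
        return False
    return "Index of" in resp.body


def exposed_resumes(resp: Response, base_url: str) -> list:
    """Absolute URLs of resume-like files linked from a positive listing."""
    if not is_directory_listing(resp):
        return []
    collector = _HrefCollector()
    collector.feed(resp.body)
    return [
        urljoin(base_url, href)
        for href in collector.hrefs
        if href.lower().endswith(RESUME_SUFFIXES)
    ]


def probe(fetch, site: str):
    """Try each candidate path using a caller-supplied fetch(url) -> Response.
    Returns (listing_url, [exposed files]) on the first hit, else None."""
    for path in CANDIDATE_PATHS:
        url = site.rstrip("/") + path
        resp = fetch(url)
        if is_directory_listing(resp):
            return url, exposed_resumes(resp, url)
    return None


# Constructed sample responses (not real captures) for a stand-alone run.
LISTING_BODY = (
    "<html><head><title>Index of /wp-content/uploads/wpjobboard/</title></head>"
    "<body><h1>Index of /wp-content/uploads/wpjobboard/</h1><pre>"
    '<a href="../">../</a>\n'
    '<a href="1660000000-jane-doe-resume.pdf">1660000000-jane-doe-resume.pdf</a>\n'
    '<a href="1660000100-cv.docx">1660000100-cv.docx</a>\n'
    '<a href="thumbs/">thumbs/</a>\n'
    "</pre></body></html>"
)
SOFT_404_BODY = "<html><title>Page not found</title><body>Nothing here</body></html>"
FORBIDDEN = Response(403, "text/html", "<h1>Forbidden</h1>")

SAMPLE = {
    # vulnerable host: WordPress lives under /wp/, so only that path lists
    "https://vuln.example/wp-content/uploads/wpjobboard/": Response(404, "text/html", SOFT_404_BODY),
    "https://vuln.example/wp/wp-content/uploads/wpjobboard/": Response(200, "text/html; charset=utf-8", LISTING_BODY),
    # patched host: indexes disabled, both paths 403
    "https://fixed.example/wp-content/uploads/wpjobboard/": FORBIDDEN,
    "https://fixed.example/wp/wp-content/uploads/wpjobboard/": FORBIDDEN,
    # host whose 404 handler answers 200 with HTML: must not match
    "https://soft404.example/wp-content/uploads/wpjobboard/": Response(200, "text/html", SOFT_404_BODY),
    "https://soft404.example/wp/wp-content/uploads/wpjobboard/": Response(200, "text/html", SOFT_404_BODY),
}


def sample_fetch(url: str) -> Response:
    """Stand-in for a real HTTP client; looks the URL up in SAMPLE."""
    return SAMPLE.get(url, Response(404, "text/html", SOFT_404_BODY))


if __name__ == "__main__":
    for site in ("https://vuln.example", "https://fixed.example", "https://soft404.example"):
        print(site, probe(sample_fetch, site))
```

To run it against a live host, replace `sample_fetch` with a function that issues the GET (no cookies, no auth) and returns status, Content-Type and body; keep the three-condition check as is, since a 200 HTML response on its own is exactly the false positive a soft-404 handler produces.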
No detection rules found.
Nuclei
WordPress Ninja Job Board < 1.3.3 - Direct Request (nuclei, severity HIGH, CVSS 7.5)
WordPress Ninja Job Board plugin prior to 1.3.3 is susceptible to a direct request vulnerability. The plugin does not protect the directory where it stores uploaded resumes, making it vulnerable to unauthenticated directory listing which allows the download of uploaded resumes.
Template:

```yaml
id: CVE-2022-2544
info:
  name: WordPress Ninja Job Board < 1.3.3 - Direct Request
  author: tess
  severity: high
  description: WordPress Ninja Job Board plugin prior to 1.3.3 is susceptible to a direct request vulnerability. The plugin does not protect the directory where it stores uploaded resumes, making it vulnerable to unauthenticated directory listing which allows the download of uploaded resumes.
  impact: |
    An attacker can access sensitive files and po
```
No writeups or analysis indexed.
References
- https://plugins.trac.wordpress.org/changeset/2758420/ninja-job-board/trunk/includes/Classes/File/FileHandler.php?old=2126467&old_path=ninja-job-board%2Ftrunk%2Fincludes%2FClasses%2FFile%2FFileHandler.php
- https://wpscan.com/vulnerability/a9bcc68c-eeda-4647-8463-e7e136733053
Published: 2022-08-22