CVE-2022-2558 — Sensitive Information Exposure in Simple JOB Board

CWE-200 — Sensitive Information Exposure3 documents3 sources

Severity

5.3MEDIUMNVD

EPSS

0.4%

top 36.80%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Presstigers Simple JOB Board

Timeline

PublishedAug 22

Latest updateAug 23

Description

The Simple Job Board WordPress plugin before 2.10.0 is susceptible to Directory Listing which allows the public listing of uploaded resumes in certain configurations.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages1 packages

▶NVDpresstigers/simple_job_board< 2.10.0

🔴Vulnerability Details

GHSA

GHSA-p8xc-8xwv-2wj7: The Simple Job Board WordPress plugin before 2↗2022-08-23

▶

CVEList

Simple Job Board < 2.10.0 - Resume Disclosure via Directory Listing↗2022-08-22

▶