CVE-2022-4061

Name of the Vulnerable Software and Affected Versions JobBoardWP WordPress plugin versions prior to 1.2.2

Description The issue allows unauthenticated users to upload arbitrary files, such as PHP, due to improper validation of file names and types in the file upload functionalities.

Recommendations For versions prior to 1.2.2, update to version 1.2.2 or later to resolve the issue. As a temporary workaround, consider disabling the file upload functionality until a patch is available. Restrict access to the file upload module to minimize the risk of exploitation. Avoid using the file upload feature in the affected plugin until the issue is resolved.