PT-2024-15015 · WordPress · Wp Jobsearch

Furkan Gedik · Published 2024-02-27 · Updated 2024-08-09 · CVE-2023-6585

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions

WP JobSearch WordPress plugin versions prior to 2.3.4

Description

The issue allows unauthenticated attackers to upload arbitrary files, such as PHP files, to the server due to a lack of file validation for uploads. This could potentially lead to malicious code execution on the server.

Recommendations

For WP JobSearch WordPress plugin versions prior to 2.3.4, update to version 2.3.4 or later to resolve the issue. As a temporary workaround, consider disabling file upload functionality until a patch is applied. Restrict access to the upload feature to minimize the risk of exploitation. Avoid using the plugin's upload feature until the issue is resolved.

Exploit

Fix

Related Identifiers

CVE-2023-6585

Affected Products

Wp Jobsearch