PT-2025-21503 · WordPress · Simple Job Board
Dmitry Ignatyev
·
Published
2025-05-15
·
Updated
2025-08-29
·
CVE-2024-7762
CVSS v3.1
3.7
Low
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
The Simple Job Board WordPress plugin versions prior to 2.12.6
Description:
The issue allows unauthenticated users to access and download uploaded resumes because the plugin does not prevent uploaded files from being listed.
Recommendations:
For versions prior to 2.12.6, update to version 2.12.6 or later to resolve the issue.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Simple Job Board