CVE-2022-2544

CVE-2022-2544: Ninja Job Board < 1.3.3 - Resume Disclosure via Directory Listing

Vendor Unknown
Product Ninja Job Board – Ultimate WordPress Job Board Plugin
Weakness CWE-425 · Forced browsing
Published August 22, 2022
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

The Ninja Job Board WordPress plugin before 1.3.3 does not protect the directory where it stores uploaded resumes, making it vulnerable to unauthenticated Directory Listing which allows the download of uploaded resumes.

Key dates

02Disclosure timeline

August 22, 2022 CVE published
August 3, 2024 Record updated