Vulnerabilities > CVE-2022-2544 - Unspecified vulnerability in Wpmanageninja Ninja JOB Board 1.0.0/1.2.2/1.3.1

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
wpmanageninja

Summary

The Ninja Job Board WordPress plugin before 1.3.3 does not protect the directory where it stores uploaded resumes, making it vulnerable to unauthenticated Directory Listing which allows the download of uploaded resumes.