Vulnerabilities > CVE-2023-5906 - Unspecified vulnerability in Themehigh JOB Manager & Career

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

themehigh

NVD

Published: 2023-11-27

Updated: 2023-12-01

Summary

The Job Manager & Career WordPress plugin before 1.4.4 contains a vulnerability in the Directory Listings system, which allows an unauthorized user to view and download private files of other users. This vulnerability poses a serious security threat because it allows an attacker to gain access to confidential data and files of other users without their permission.

Vulnerable Configurations

Part	Description	Count
Application	Themehigh Themehigh JOB Manager & Career 1.0.0 Themehigh JOB Manager & Career 1.0.1 Themehigh JOB Manager & Career 1.0.2 Themehigh JOB Manager & Career 1.1.0 Themehigh JOB Manager & Career 1.1.1 Themehigh JOB Manager & Career 1.2.0 Themehigh JOB Manager & Career 1.2.1 Themehigh JOB Manager & Career 1.2.2 Themehigh JOB Manager & Career 1.2.3 Themehigh JOB Manager & Career 1.2.4 Themehigh JOB Manager & Career 1.3.0 Themehigh JOB Manager & Career 1.4.0 Themehigh JOB Manager & Career 1.4.1 Themehigh JOB Manager & Career 1.4.2 Themehigh JOB Manager & Career 1.4.3	15

References

https://wpscan.com/vulnerability/911d495c-3867-4259-a73a-572cd4fccdde