CVE-2020-35749

Published: 15/01/2021 Updated: 22/02/2022
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 7.7 | Impact Score: 4 | Exploitability Score: 3.1
VMScore: 356
Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

Vulnerability Summary

Directory traversal vulnerability in class-simple_job_board_resume_download_handler.php in the Simple Board Job plugin 2.9.3 and previous versions for WordPress allows remote malicious users to read arbitrary files via the sjb_file parameter to wp-admin/post.php.

Vulnerable Product

presstigers simple board job

Exploits

WordPress Simple Job Board plugin version 2.9.3 suffers from a local file inclusion vulnerability ...

This Metasploit module exploits an authenticated directory traversal vulnerability in WordPress plugin Simple JobBoard versions prior to 2.9.3 to perform an arbitrary file read with the web server privileges ...

Github Repositories

Wordpress Plugin Simple Job Board 2.9.3 LFI Vulnerability (CVE-2020-35749) proof of concept exploit

Wordpress Plugin Simple Job Board 2.9.3 LFI Vulnerability (CVE-2020-35749) Exploit. Summary: WordPress Plugin Simple Job Board is prone to a directory traversal vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Simple Job Board v