CVE-2023-5906

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Nov 27, 2023
Updated: Dec 1, 2023

Summary

CVE-2023-5906 is a vulnerability affecting the Job Manager & Career WordPress plugin before version 1.4.4. This issue lies in the Directory Listings system, which enables unauthorized users to view and download private files of other users. The consequences of this vulnerability are significant as attackers can gain unauthorized access to confidential data and files of other users, posing a serious security risk to the affected WordPress sites.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share