CVE-2022-2544

Summary

The Ninja Job Board WordPress plugin before 1.3.3 does not protect the directory where it stores uploaded resumes, making it vulnerable to unauthenticated Directory Listing which allows the download of uploaded resumes.

Affected Software

VendorProductVersion RangeStatus
UnknownNinja Job Board – Ultimate WordPress Job Board Plugin1.3.3 < 1.3.3affected

Weaknesses

  • CWE-425: CWE-425 Direct Request ('Forced Browsing')

ADP Enrichment

CVE Program Container

Additional References

References