CVE-2023-4933
WP Job Openings < 3.4.3 - Sensitive Data Exposure via Directory ListingThe WP Job Openings WordPress plugin before 3.4.3 does not block listing the contents of the directories where it stores attachments to job applications, allowing unauthenticated visitors to list and download private attachments if the autoindex feature of the web server is enabled.
We have discovered 780 live websites that are affected by CVE-2023-4933.
Contact us to get more info
Common Weakness Enumeration
CWE-538 Insertion of Sensitive Information into Externally-Accessible File or Directory