CVE-2020-35749

high-risk
Published 2021-01-15

Directory traversal vulnerability in class-simple_job_board_resume_download_handler.php in the Simple Board Job plugin 2.9.3 and earlier for WordPress allows remote attackers to read arbitrary files via the sjb_file parameter to wp-admin/post.php.

Do I need to act?

!
76.8% chance of exploitation in next 30 days
EPSS score — higher than 23% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
!
2 public exploits available
49450, 50721
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.7/10 High
NETWORK / LOW complexity

Affected Products (1)

Affected Vendors

Presstigers

References (6)

Exploit http://packetstormsecurity.com/files/161050/Simple-JobBoard-Authenticated-File-R...
Exploit http://packetstormsecurity.com/files/165892/WordPress-Simple-Job-Board-2.9.3-Loc...
Exploit https://docs.google.com/document/d/1TbePkrRGsczepBaJptIdVRvfRrjiC5hjGg_Vxdesw6E/...
Exploit http://packetstormsecurity.com/files/161050/Simple-JobBoard-Authenticated-File-R...
Exploit http://packetstormsecurity.com/files/165892/WordPress-Simple-Job-Board-2.9.3-Loc...
Exploit https://docs.google.com/document/d/1TbePkrRGsczepBaJptIdVRvfRrjiC5hjGg_Vxdesw6E/...
59
/ 100
high-risk
Severity 27/34 · High
Exploitability 27/34 · High
Exposure 5/34 · Minimal