CVE-2024-7762: Simple Job Board < 2.12.6 - Unauthenticated Resumes Download

7.5 CVSS

Description

The Simple Job Board WordPress plugin before 2.12.6 does not prevent uploaded files from being listed, allowing unauthenticated users to access and download uploaded resumes

Classification

CVE ID: CVE-2024-7762

CVSS Base Severity: HIGH

CVSS Base Score: 7.5

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Problem Types

CWE-200 Information Exposure

Affected Products

Vendor: Unknown

Product: Simple Job Board

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.31% (scored less or equal to compared to others)

EPSS Date: 2025-06-06 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2024-7762
https://wpscan.com/vulnerability/26403e72-c927-4649-b789-694a10ad0492/

Timeline