Vulnerability Details CVE-2022-4061
The JobBoardWP WordPress plugin before 1.2.2 does not properly validate file names and types in its file upload functionalities, allowing unauthenticated users to upload arbitrary files such as PHP.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.157
EPSS Ranking 94.4%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2022-4061
-
cpe:2.3:a:ultimatemember:jobboardwp:-
-
cpe:2.3:a:ultimatemember:jobboardwp:1.0.0
-
cpe:2.3:a:ultimatemember:jobboardwp:1.0.1
-
cpe:2.3:a:ultimatemember:jobboardwp:1.0.2
-
cpe:2.3:a:ultimatemember:jobboardwp:1.0.3
-
cpe:2.3:a:ultimatemember:jobboardwp:1.0.4
-
cpe:2.3:a:ultimatemember:jobboardwp:1.0.5
-
cpe:2.3:a:ultimatemember:jobboardwp:1.0.6
-
cpe:2.3:a:ultimatemember:jobboardwp:1.0.7
-
cpe:2.3:a:ultimatemember:jobboardwp:1.1.0
-
cpe:2.3:a:ultimatemember:jobboardwp:1.2.0
-
cpe:2.3:a:ultimatemember:jobboardwp:1.2.1