cleantalk
Vulnerabilities and Security Researches

WP Job Openings – Job Listing, Career Page and Recruitment Plugin, CVE-2023-4933

CVE, Research URL

CVE-2023-4933

Home page URL

Security reports for WP Job Openings – Job Listing, Career Page and Recruitment Plugin

Application

WP Job Openings – Job Listing, Career Page and Recruitment Plugin

Published on
Oct 17, 2023
Research Description
The WP Job Openings WordPress plugin before 3.4.3 does not block listing the contents of the directories where it stores attachments to job applications, allowing unauthenticated visitors to list and download private attachments if the autoindex feature of the web server is enabled.
Affected versions
max 3.4.3.
Status
vulnerable
Previous vulnerability researches
WP Job Openings – Job Listing, Career Page and Recruitment Plugin (CVE-2023-45061) , Mar 21, 2025
WP Job Openings – Job Listing, Career Page and Recruitment Plugin (CVE-2023-4933) , Jun 07, 2024
New vulnerability
OOPSpam Anti-Spam (CVE-2026-32544) , Mar 31, 2026
NotificationX – Best FOMO, Social Proof, WooCommerce Sales Popup & Notification Bar Plugin With Elementor (CVE-2026-27042) , Mar 31, 2026
The Conference (CVE-2026-32335) , Mar 31, 2026
WP Booking System – Booking Calendar (CVE-2025-68515) , Mar 31, 2026
UPI QR Code Payment Gateway for WooCommerce (CVE-2025-67969) , Mar 31, 2026