CVE-2023-6585

Published: Feb 27, 2024Modified: May 1, 2025

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Exploitability: 3.9 / Impact: 3.6

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

The WP JobSearch WordPress plugin before 2.3.4 does not validate files to be uploaded, which could allow unauthenticated attackers to upload arbitrary files such as PHP on the server

Affected (1)

Products: Eyecix: Jobsearch Wp Job Board

Eyecix

1 product

Jobsearch Wp Job Board

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Eyecix Jobsearch Wp Job Board	Before 2.3.4

References (2)

https://wpscan.com/vulnerability/757412f4-e4f8-4007-8e3b-639a72b33180/

Source: contact@wpscan.com

ExploitThird Party Advisory

https://wpscan.com/vulnerability/757412f4-e4f8-4007-8e3b-639a72b33180/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.