CVE Vulnerabilities

CVE-2022-4061

Published: Dec 19, 2022 | Modified: Apr 17, 2025
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
root.io minimus.io echohq.com

The JobBoardWP WordPress plugin before 1.2.2 does not properly validate file names and types in its file upload functionalities, allowing unauthenticated users to upload arbitrary files such as PHP.

Affected Software

Name Vendor Start Version End Version
Jobboardwp Ultimatemember * 1.2.2 (excluding)

References