What is CVE-2020-35749?

CVE-2020-35749 is a vulnerability in N/a. Published 2021-01-15.

Is CVE-2020-35749 known to be exploited?

11 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2020-35749

Directory traversal vulnerability in class-simple_job_board_resume_download_handler.php in the Simple Board Job plugin 2.9.3 and earlier for WordPress allows remote attackers to read arbitrary files via the sjb_file parameter to wp-admin/p…

EPSS: 0.779 (99.0th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

M4xSec/Wordpress-CVE-2020-35749
20142995/nuclei-templates
ARPSyndicate/cve-scores
ARPSyndicate/cvemon
ARPSyndicate/kenzer-templates
Enes4xd/Enes4xd
cr0ss2018/cr0ss2018
ezelnur6327/Enes4xd
ezelnur6327/enesamaafkolan
ezelnur6327/ezelnur6327

References

docs.google.com/document/d/1TbePkrRGsczepBaJptIdVRvfRrjiC5hjGg_Vxdesw6E/edit (x_refsource_MISC)
packetstormsecurity.com/files/161050/Simple-JobBoard-Authenticated-File-Read.ht… (x_refsource_MISC)
packetstormsecurity.com/files/165892/WordPress-Simple-Job-Board-2.9.3-Local-Fil… (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-35749?: CVE-2020-35749 is a vulnerability in N/a. Published 2021-01-15.
Is CVE-2020-35749 known to be exploited?: 11 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.