漏洞描述
Wpjobboard 是 Wordpress 的一款插件。Wpjobboard插件允许网站所有者嵌入支付表单,通过Visa、American Express、Discover和Mastercard通过其Click Pledge商户账户进行支付。Wpjobboard插件存在目录遍历漏洞,攻击者可通过该漏洞查看服务器中的敏感目录和文件,控制整个系统,最终导致系统处于极度不安全状态。
Wordpress wpjobboard 插件 wpjobboard 页面目录遍历漏洞(CVE-2022-2544)
PoC代码
暂无相关漏洞推荐
- Wordpress Plugin Depicter /wp-admin/admin-ajax.php depicter-lead-list SQL 注入漏洞(CVE-2025-2011)
- Wordpress Plugin Eventin /wp-admin/admin-ajax.php proxy_image 文件读取漏洞(CVE-2025-3419)
- Wordpress Plugin Ultimate Auction Pro /wp-admin/admin-ajax.php uwa_see_more_bids_ajax SQL 注入漏洞 (CVE-2025-4204)
- Wordpress WooCommerce Ultimate Gift Card /wp-admin/admin-ajax.php mwb_wgm_preview_mail 文件上传漏洞(CVE-2024-8425)
- wordpress-ext-adaptive-images-lfi: Wordpress Ext Adaptive Images lfi
- wordpress-ext-mailpress-rce: Wordpress Ext Mailpress RCE
- wordpress-wpconfig-inclosure: Wordpress wpconfig disclosure
- POC CVE-2016-10924: Wordpress Zedna eBook download <1.2 - Local File Inclusion
- POC CVE-2020-29395: Wordpress EventON Calendar 3.0.5 - Cross-Site Scripting
- POC CVE-2020-35951: Wordpress Quiz and Survey Master <7.0.1 - Arbitrary File Deletion
- POC CVE-2020-8615: Wordpress Plugin Tutor LMS 1.5.3 - Cross-Site Request Forgery
- POC CVE-2021-24442: Wordpress Polls Widget < 1.5.3 - SQL Injection
- POC CVE-2021-24495: Wordpress Marmoset Viewer <1.9.3 - Cross-Site Scripting