High severity7.5NVD Advisory· Published Oct 19, 2017· Updated Jun 17, 2026
CVE-2015-6668
CVE-2015-6668
Description
The Job Manager plugin before 0.7.25 allows remote attackers to read arbitrary CV files via a brute force attack to the WordPress upload directory structure, related to an insecure direct object reference.
Affected products
2- Range: <0.7.25
Patches
Vulnerability mechanics
References
2- vagmour.eu/cve-2015-6668-cv-filename-disclosure-on-job-manager-wordpress-plugin/nvdExploitTechnical DescriptionThird Party Advisory
- wpvulndb.com/vulnerabilities/8167nvdExploitThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.