CVE-2025-14293 | WP Job Portal Plugin up to 2.4.0 on WordPress downloadCustomUploadedFile path traversal

December 11, 2025 Yanac

A vulnerability was found in WP Job Portal Plugin up to 2.4.0 on WordPress and classified as critical. Affected by this issue is the function downloadCustomUploadedFile. Such manipulation leads to path traversal.

This vulnerability is traded as CVE-2025-14293. The attack may be launched remotely. There is no exploit available.VulDB Recent EntriesRead More

CVE-2025-14526 | Tenda CH22 1.0.0.1 /goform/L7Im frmL7ImForm page buffer overflow
CVE-2025-12734 | GitLab Community Edition/Enterprise Edition up to 18.4.5/18.5.3/18.6.1 Merge escape output (Issue 579573)