{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-14293", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-12-08T19:46:21.034Z", "datePublished": "2025-12-11T20:22:09.209Z", "dateUpdated": "2026-04-08T16:59:34.317Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:59:34.317Z"}, "affected": [{"vendor": "wpjobportal", "product": "WP Job Portal \u2013 AI-Powered Recruitment System for Company or Job Board website", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.4.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The WP Job Portal plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 2.4.0 via the 'downloadCustomUploadedFile' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information."}], "title": "WP Job Portal <= 2.4.0 - Authenticated (Subscriber+) Arbitrary File Read", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6dfcd264-39e3-44af-8e0e-5c35734524d0?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-job-portal/tags/2.3.9/modules/customfield/model.php#L908"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-job-portal/tags/2.4.1/modules/customfield/model.php#L908"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "cweId": "CWE-22", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Long Nguyen"}], "timeline": [{"time": "2026-02-14T06:40:03.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2025-12-11T06:34:28.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-12-11T21:05:00.571565Z", "id": "CVE-2025-14293", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-11T21:18:15.841Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-14293", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-12-11T21:05:00.571565Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-11T21:16:51.635Z"}}], "cna": {"title": "WP Job Portal <= 2.4.0 - Authenticated (Subscriber+) Arbitrary File Read", "credits": [{"lang": "en", "type": "finder", "value": "Long Nguyen"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}}], "affected": [{"vendor": "wpjobportal", "product": "WP Job Portal \u2013 AI-Powered Recruitment System for Company or Job Board website", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "2.4.0"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-12-11T06:34:28.000+00:00", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6dfcd264-39e3-44af-8e0e-5c35734524d0?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/wp-job-portal/tags/2.3.9/modules/customfield/model.php#L908"}], "descriptions": [{"lang": "en", "value": "The WP Job Portal plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 2.4.0 via the 'downloadCustomUploadedFile' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2025-12-11T20:22:09.209Z"}}}, "cveMetadata": {"cveId": "CVE-2025-14293", "state": "PUBLISHED", "dateUpdated": "2025-12-11T21:18:15.841Z", "dateReserved": "2025-12-08T19:46:21.034Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-12-11T20:22:09.209Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The WP Job Portal plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 2.4.0 via the 'downloadCustomUploadedFile' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information."}], "id": "CVE-2025-14293", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-12-11T21:15:46.730", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/wp-job-portal/tags/2.3.9/modules/customfield/model.php#L908"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/wp-job-portal/tags/2.4.1/modules/customfield/model.php#L908"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6dfcd264-39e3-44af-8e0e-5c35734524d0?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-21T17:34:09.773696+00:00", "value": {"mitigation_remediation": ["Upgrade the WP Job Portal plugin to version 2.4.1 or later to eliminate the vulnerable file\u2011read endpoint.", "If an immediate upgrade is not possible, disable or restrict the 'downloadCustomUploadedFile' action for all users except those who require it, or limit access to a whitelisted set of file paths.", "Verify that the web server\u2019s file permissions and the subscriber role\u2019s capabilities do not allow reading of sensitive files, and apply the principle of least privilege to all user accounts."], "summary": {"action": "Patch", "impact": "Unauthorized File Disclosure"}, "threat_synthesis": {"affected_systems": "The flaw affects installations of WP Job Portal \u2013 AI\u2011Powered Recruitment System for Company or Job Board website, versions 2.4.0 and earlier. The plugin is distributed under the WP Job Portal name and is typically installed within a WordPress site.", "description_and_impact": "A vulnerability in the WP Job Portal WordPress plugin allows an authenticated user with at least subscriber-level access to invoke the 'downloadCustomUploadedFile' function and read any file on the server. The flaw results from unchecked file path handling, enabling the attacker to retrieve sensitive or confidential contents. This directly compromises the confidentiality of server files and can expose private data, configuration files or credentials.", "risk_and_exploitability": "The CVSS score of 6.5 categorises this issue as moderate severity, with an EPSS score of less than 1\u202f% indicating a low probability of exploitation at present. It is not listed in the CISA KEV catalog. An attacker must first log in as a user with subscriber or higher role and then send a crafted request to the endpoint; the lack of file\u2011path validation enables arbitrary file read from the server."}}}}, "created": "2025-12-12T08:49:36.091502+00:00", "updated": "2026-04-21T17:45:16.479586+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress", "wpjobportal", "wpjobportal$PRODUCT$wp_job_portal"]}