CVE-2020-35749

HIGH NUCLEI

Simple Board Job < 2.9.3 - Authenticated Path Traversal via sjb_file Parameter

Title source: llm

Exploitation Summary

EIP tracks 3 public exploits for CVE-2020-35749. PoCs published by SunCSR Team, Ven3xy, M4xSec. A Nuclei detection template is also available.

AI-analyzed exploit summary This Metasploit module exploits an authenticated directory traversal vulnerability in the WordPress plugin 'Simple JobBoard' versions prior to 2.9.3, allowing arbitrary file read with web server privileges.

Description

Directory traversal vulnerability in class-simple_job_board_resume_download_handler.php in the Simple Board Job plugin 2.9.3 and earlier for WordPress allows remote attackers to read arbitrary files via the sjb_file parameter to wp-admin/post.php.

Exploits (3)

exploitdb WORKING POC VERIFIED

by SunCSR Team · rubywebappsphp

https://www.exploit-db.com/exploits/49450

View Code ZIP pw:eip

This Metasploit module exploits an authenticated directory traversal vulnerability in the WordPress plugin 'Simple JobBoard' versions prior to 2.9.3, allowing arbitrary file read with web server privileges.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: WordPress Simple JobBoard plugin < 2.9.3

Auth required

Prerequisites: Valid WordPress credentials · Simple JobBoard plugin version < 2.9.3

MITRE ATT&CK

T1005 - Data from Local System T1083 - File and Directory Discovery

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC

by Ven3xy · pythonwebappsphp

https://www.exploit-db.com/exploits/50721

View Code ZIP pw:eip

This exploit targets a Local File Inclusion (LFI) vulnerability in WordPress Plugin Simple Job Board 2.9.3 (CVE-2020-35749). It authenticates as a user and fetches arbitrary files from the server by manipulating the 'sjb_file' parameter.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: WordPress Plugin Simple Job Board 2.9.3

Auth required

Prerequisites: Valid WordPress credentials · Target URL with vulnerable plugin installed

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1083 - File and Directory Discovery

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec WORKING POC 5 stars

by M4xSec · poc

https://github.com/M4xSec/Wordpress-CVE-2020-35749

View Code ZIP pw:eip

This repository contains a functional Python exploit for CVE-2020-35749, a Local File Inclusion (LFI) vulnerability in the WordPress Simple Job Board plugin (version 2.9.3). The exploit authenticates to WordPress and leverages a path traversal flaw in the 'sjb_file' parameter to read arbitrary files from the server.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: WordPress Simple Job Board plugin 2.9.3

Auth required

Prerequisites: Valid WordPress credentials · Target running vulnerable plugin version

MITRE ATT&CK

T1005 - Data from Local System T1083 - File and Directory Discovery

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Nuclei Templates (1)

WordPress Simple Job Board <2.9.4 - Local File Inclusion

HIGHby cckuailong

References (3)

Core 3

Core References

Exploit, Third Party Advisory x_refsource_misc

https://docs.google.com/document/d/1TbePkrRGsczepBaJptIdVRvfRrjiC5hjGg_Vxdesw6E/edit?usp=sharing

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

http://packetstormsecurity.com/files/161050/Simple-JobBoard-Authenticated-File-Read.html

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

http://packetstormsecurity.com/files/165892/WordPress-Simple-Job-Board-2.9.3-Local-File-Inclusion.html

Scores

CVSS v3 7.7

EPSS 0.7793

EPSS Percentile 99.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Details

CWE

CWE-22

Status published

Products (1)

presstigers/simple_board_job < 2.9.3

Published Jan 15, 2021

Tracked Since Feb 18, 2026