WordPress Plugin Vulnerabilities

JobSearch WP Job Board < 1.8.2 - Subscriber+ Arbitrary Blog Options Update

Description

The jobsearch_job_integrations_settin_save AJAX action of the plugin, available to any authenticated user, does not have authorisation and CSRF in place, allowing any authenticated user, such as subscriber to call it and modify arbitrary blog options

Affects Plugins

Plugin icon
wp-jobsearch
Fixed in 1.8.2

References

CVE
CVE-2021-4361
URL
https://blog.nintechnet.com/wordpress-jobsearch-wp-job-board-plugin-fixed-vulnerability/

Classification

Type
ACCESS CONTROLS
OWASP top 10
A5: Broken Access Control
CWE
CWE-284
CVSS
8.8 (high)

Miscellaneous

Original Researcher
Jerome Bruandet
Verified
Yes
WPVDB ID
a69aa52f-9876-4180-97a4-713459b43f24

Timeline

Publicly Published
2021-10-05 (about 2 years ago)
Added
2021-10-05 (about 2 years ago)
Last Updated
2023-06-08 (about 11 months ago)

Other

Published
Title
Published
2021-08-17
Title
PostX Gutenberg Blocks for Post Grid < 2.4.10 - Missing Access Controls
Published
2021-07-07
Title
WP Upload Restriction < 2.2.5 - Missing Access Control in deleteCustomType
Published
2024-01-16
Title
User Profile Builder < 3.10.9 - Missing Authorization to Plugin Settings Change via wppb_two_factor_authentication_settings_update
Published
2024-02-26
Title
Duitku Payment Gateway < 2.11.7 - Missing Authorization via check_duitku_response
Published
2024-02-06
Title
AMP for WP < 1.0.93.2 - Authenticated(Contributor+) Arbitrary Post Deletion via amppb_remove_saved_layout_data