WordPress JS Job Manager Plugin <=2.0.0 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-31087
8.8HIGH
What is CVE-2023-31087?
A Cross-Site Request Forgery (CSRF) vulnerability exists in the JoomSky JS Job Manager plugin for WordPress, affecting versions up to 2.0.0. This flaw could allow unauthorized commands to be sent from a user’s browser, potentially compromising user accounts and site integrity. It is essential for website administrators to update their plugins to guard against this exploit, ensuring robust protection from potential threats.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
JS Job Manager <= 2.0.0
References
CVSS V3.1
Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Yuki Haruma (Patchstack Alliance)