Privilege Escalation Vulnerability in WP Job Board Pro Plugin by WordPress
CVE-2024-12213
9.8CRITICAL
Summary
The WP Job Board Pro plugin for WordPress contains a vulnerability that enables potential privilege escalation, affecting all versions up to and including 1.2.76. This vulnerability arises from the plugin allowing users to specify the 'role' field during registration, enabling unauthenticated attackers to register as administrators on vulnerable installations. It is crucial for site administrators to evaluate their installations and implement necessary security measures to mitigate the risk.
Affected Version(s)
WP Job Board Pro * <= 1.2.76
References
CVSS V3.1
Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Friderika Baranyai