Incorrect Privilege Assignment Vulnerability Allows Privilege Escalation
CVE-2024-49322

9.8CRITICAL

Key Information:

Vendor: Wordpress
Status: Job Board Manager For WordPress
Vendor: CVE Published:; 17 October 2024

Summary

The identified vulnerability in the CodePassenger Job Board Manager for WordPress enables incorrect privilege assignment, potentially allowing attackers to elevate their privileges. This issue specifically affects versions from n/a up to 1.0 of the Job Board Manager for WordPress. Administrators are advised to evaluate their installations and consider implementing security patches to mitigate risks associated with unauthorized access.

Affected Version(s)

Job Board Manager for WordPress <= 1.0

References

https://patchstack.com/database/vulnerability/jemployee/w...

vdb-entry

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 17, 2024
Vulnerability Reserved
Oct 14, 2024

Credit

João Pedro Soares de Alcântara - Kinorth (Patchstack Alliance)