JobCareer | Job Board Responsive WordPress Theme <= 2.4 - User enumeration & Reset password



Description
CVE-2018-19487:

The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the cs_employer_ajax_profile() function through the admin-ajax.php file, which allows remote unauthenticated attackers to enumerate information about users.


CVE-2018-19488:

The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the cs_reset_pass() function through the admin-ajax.php file, which allows remote unauthenticated attackers to reset  the password of a user's account.

Affects Theme

fixed in version 2.4.1

References

CVE 2018-19487
CVE 2018-19488
URL https://themeforest.net/item/jobcareer-job-board-responsive-wordpress-theme/14221636
URL https://github.com/Antho59/wp-jobhunt-exploit

Classification

Type UNKNOWN

Miscellaneous

Original Researcher Anthony MAESTRE
Submitter Anthony MAESTRE
Views 19804
Verified No
WPVDB ID 9206

Timeline

Publicly Published 2018-12-04 (9 months ago)
Added 2019-01-25 (7 months ago)
Last Updated 2019-01-25 (7 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin