JobCareer | Job Board Responsive WordPress Theme <= 2.4 - User enumeration & Reset password



Description
CVE-2018-19487:

The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the cs_employer_ajax_profile() function through the admin-ajax.php file, which allows remote unauthenticated attackers to enumerate information about users.


CVE-2018-19488:

The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the cs_reset_pass() function through the admin-ajax.php file, which allows remote unauthenticated attackers to reset  the password of a user's account.

Affects Theme

fixed in version 2.4.1

References

CVE 2018-19487
CVE 2018-19488
URL https://themeforest.net/item/jobcareer-job-board-responsive-wordpress-theme/14221636
URL https://github.com/Antho59/wp-jobhunt-exploit

Classification

Type UNKNOWN

Miscellaneous

Original Researcher Anthony MAESTRE
Submitter Anthony MAESTRE
Views 6226
Verified No
WPVDB ID 9206

Timeline

Publicly Published 2018-12-04 (3 months ago)
Added 2019-01-25 (27 days ago)
Last Updated 2019-01-25 (27 days ago)

Copyright & License

Copyright All data and resources contained within this page and this web site is Copyright © The WPScan Team.
License Some of this data may be used for non-commercial purposes, however, any potential commercial usage of this data will require a license. If you would like to inquire about a commercial license please contact us.