Skip to main content

Wp Job Portal CVE-2022-41786

MEDIUM
Missing Authorization (CWE-862)
2024-01-17 audit@patchstack.com
5.4
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.4 MEDIUM
AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
Low

Lifecycle Timeline

1
CVE Published
Jan 17, 2024 - 18:15 cve.org
MEDIUM 5.4

DescriptionCVE.org

Missing Authorization vulnerability in WP Job Portal WP Job Portal - A Complete Job Board.This issue affects WP Job Portal - A Complete Job Board: from n/a through 2.0.1.

AnalysisAI

Missing Authorization vulnerability in WP Job Portal WP Job Portal - A Complete Job Board.0.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Missing Authorization (CWE-862), which allows attackers to access resources or perform actions without proper authorization checks. Missing Authorization vulnerability in WP Job Portal WP Job Portal - A Complete Job Board.0.1. Affected products include: Wpjobportal Wp Job Portal. Version information: through 2.0.1..

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Implement role-based access control, validate authorization on every request server-side, apply principle of least privilege.

CVE-2023-4490 CRITICAL POC
9.8 Sep 25

The WP Job Portal WordPress plugin before 2.0.6 does not sanitise and escape a parameter before using it in a SQL statem

CVE-2024-11715 CRITICAL
9.8 Dec 14

The WP Job Portal - A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to

CVE-2024-7950 CRITICAL
9.8 Sep 04

The WP Job Portal - A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to

CVE-2026-12396 MEDIUM POC
5.4 Jul 13

Missing authorization in WP Job Portal WordPress plugin before 2.5.5 allows any self-registered subscriber to approve, f

CVE-2026-42684 CRITICAL
9.3 Jun 02

Blind SQL injection in the WP Job Portal WordPress plugin (versions up to and including 2.5.1) allows remote unauthentic

CVE-2026-12397 MEDIUM POC
4.3 Jul 13

The WP Job Portal WordPress plugin before 2.5.5 does not verify ownership when returning an employer's contact email fo

CVE-2024-11711 HIGH
7.5 Dec 14

The WP Job Portal - A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to

CVE-2026-42685 HIGH
7.1 Jun 02

Reflected cross-site scripting in the WP Job Portal WordPress plugin (versions up to and including 2.5.1) allows remote

CVE-2026-48880 MEDIUM
6.5 Jun 15

Stored Cross-Site Scripting in WP Job Portal WordPress plugin versions up to and including 2.5.2 allows authenticated Su

CVE-2024-11712 MEDIUM
5.3 Dec 14

The WP Job Portal - A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to

CVE-2024-11714 MEDIUM
4.9 Dec 14

The WP Job Portal - A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to

CVE-2024-11713 MEDIUM
4.9 Dec 14

The WP Job Portal - A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to

Share

CVE-2022-41786 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy