Skip to main content

Jobbank

1 CVEs product

Monthly

CVE-2025-69189 HIGH This Week

Broken access control in EMV's JobBank WordPress plugin (versions up to and including 1.2.3) allows remote unauthenticated attackers to invoke functionality that should be restricted by authorization checks. The flaw stems from incorrectly configured access control levels on plugin endpoints, enabling attackers to interact with protected operations without proper privileges. No public exploit identified at time of analysis, but the network-reachable, low-complexity nature makes opportunistic scanning likely against WordPress sites running this plugin.

Authentication Bypass Jobbank
NVD
CVSS 3.1
7.3
EPSS
0.2%
EPSS 0% CVSS 7.3
HIGH This Week

Broken access control in EMV's JobBank WordPress plugin (versions up to and including 1.2.3) allows remote unauthenticated attackers to invoke functionality that should be restricted by authorization checks. The flaw stems from incorrectly configured access control levels on plugin endpoints, enabling attackers to interact with protected operations without proper privileges. No public exploit identified at time of analysis, but the network-reachable, low-complexity nature makes opportunistic scanning likely against WordPress sites running this plugin.

Authentication Bypass Jobbank
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy