Wp Job Manager
Monthly
Missing authorization in Automattic WP Job Manager through version 2.4.1 allows unauthenticated remote attackers to modify plugin data through incorrectly configured access control, enabling unauthorized changes to job listings and related content without proper privilege validation. The vulnerability has a low real-world exploitation probability (EPSS 0.02%) despite the network-accessible attack vector, suggesting limited practical exploitability in typical WordPress deployments.
Missing authorization in Automattic WP Job Manager through version 2.4.1 allows unauthenticated remote attackers to modify plugin data through incorrectly configured access control, enabling unauthorized changes to job listings and related content without proper privilege validation. The vulnerability has a low real-world exploitation probability (EPSS 0.02%) despite the network-accessible attack vector, suggesting limited practical exploitability in typical WordPress deployments.