3 matches found
CVE-2024-11283
The WP JobHunt plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 7.1. This is due to wpajaxgoogleapilogincallback function not properly verifying a user's identity prior to authenticating them. This makes it possible for unauthenticated attackers to...
CVE-2024-11283
CVE-2024-11283 affects the WordPress WP JobHunt plugin up to version 7.1. The root cause is that the wp_ajax_google_api_login_callback function does not properly verify the user’s identity before authentication, enabling unauthenticated attackers to access arbitrary candidate accounts. Affected c...
PT-2025-11232 · WordPress · Wp Jobhunt
Name of the Vulnerable Software and Affected Versions: WP JobHunt plugin for WordPress versions up to, and including, 7.1 Description: The issue is related to authentication bypass. This is due to the wp ajax google api login callback function not properly verifying a user's identity prior to...