Lucene search
PatchstackVULNRICHMENT:CVE-2024-43245HistoryAug 19, 2024 - 5:12 p.m.
CVE-2024-43245 WordPress JobSearch plugin <= 2.3.4 - Unauthenticated Account Takeover vulnerability
2024-08-1917:12:03
CWE-269
Patchstack
github.com
4
cve-2024-43245
wordpress
jobsearch
unauthenticated account takeover
privilege escalation
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.2
Confidence
High
SSVC
Exploitation
poc
Automatable
yes
Technical Impact
total
Improper Privilege Management vulnerability in eyecix JobSearch allows Privilege Escalation.This issue affects JobSearch: from n/a through 2.3.4.
CNA Affected
[
{
"vendor": "eyecix",
"product": "JobSearch",
"versions": [
{
"status": "affected",
"version": "n/a",
"versionType": "custom",
"lessThanOrEqual": "2.3.4"
}
],
"defaultStatus": "unaffected"
}
]ADP Affected
[
{
"cpes": [
"cpe:2.3:a:eyecix:jobsearch_wp_job_board:-:*:*:*:*:wordpress:*:*"
],
"vendor": "eyecix",
"product": "jobsearch_wp_job_board",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "2.3.4"
}
],
"defaultStatus": "unknown"
}
]Related
cve
cve
CVE-2024-43245
2024-08-19 18:15:10
cvelist
cvelist
nvd
nvd
CVE-2024-43245
2024-08-19 18:15:10
wordfence
wordfence
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.2
Confidence
High
SSVC
Exploitation
poc
Automatable
yes
Technical Impact
total
Related for VULNRICHMENT:CVE-2024-43245