CVE-2024-12810 – The JobCareer | Job Board Responsive WordPress Theme Unauthenticated Remote Code Execution and Data Manipulation

March 14, 2025
1:16 pm

CVE ID : CVE-2024-12810

Published : March 14, 2025, 12:15 p.m. | 42 minutes ago

Description : The JobCareer | Job Board Responsive WordPress Theme theme for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability checks on multiple functions in all versions up to, and including, 7.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files, generate backups, restore backups, update theme options, and reset theme options to default settings.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-12810 – The JobCareer | Job Board Responsive WordPress Theme Unauthenticated Remote Code Execution and Data Manipulation

Elvescore.io

Recent Posts

CVE-2023-52927 – Open vSwitch Netfilter Conntrack Expectation Removal Vulnerability (Information Disclosure)

CVE-2024-40590 – FortiPortal Certificate Validation Weakness

CVE-2024-45638 – IBM Security QRadar EDR Plain Text Credential Storage Vulnerability

CVE-2024-45643 – IBM Security QRadar EDR Weak Cryptography Vulnerability

CVE-2024-46662 – Fortinet FortiManager Command Injection Vulnerability

CVE-2024-47573 – FortiNDR Firmware Integrity Check Validation Bypass

CVE-2024-12810 – The JobCareer | Job Board Responsive WordPress Theme Unauthenticated Remote Code Execution and Data Manipulation

CVE-2024-12810 – The JobCareer | Job Board Responsive WordPress Theme Unauthenticated Remote Code Execution and Data Manipulation