CVE-2024-12132 – WordPress Job Portal – Insecure Direct Object Reference (IDOR) in WP Job Portal Plugin

1月 3, 2025
10:16 am

CVE ID : CVE-2024-12132

Published : Jan. 3, 2025, 9:15 a.m. | 1 hour, 1 minute ago

Description : The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.4 due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create jobs for companies that are unaffiliated with the attacker.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-12132 – WordPress Job Portal – Insecure Direct Object Reference (IDOR) in WP Job Portal Plugin

Elvescore.io

Recent Posts

CVE-2024-13131 – Dahua Web Interface Information Disclosure vulnerability

CVE-2024-13130 – Dahua Web Interface Remote Path Traversal Vulnerability

CVE-2025-0213 – Campcodes Project Management System Remote Unrestricted File Upload Vulnerability

CVE-2025-0214 – OpenCart TMD Custom Header Menu SQL Injection Vulnerability

CVE-2025-0212 – Campcodes Student Grading System SQL Injection

CVE-2024-41763 – IBM Engineering Lifecycle Optimization Weak Cryptographic Algorithms

CVE-2024-12132 – WordPress Job Portal – Insecure Direct Object Reference (IDOR) in WP Job Portal Plugin

CVE-2024-12132 – WordPress Job Portal – Insecure Direct Object Reference (IDOR) in WP Job Portal Plugin