CVE-2024-43928

CWE-862 — Missing Authorization3 documents3 sources

Severity

8.8HIGH

EPSS

0.3%

top 44.80%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Eyecix Jobsearch WP JOB Board Eyecix Jobsearch

Timeline

PublishedNov 1

Description

Missing Authorization vulnerability in eyecix JobSearch allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JobSearch: from n/a through 2.5.4.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.5

Affected Packages2 packages

▶NVDeyecix/jobsearch_wp_job_board< 2.5.6

▶CVEListV5eyecix/jobsearchn/a — 2.5.4

🔴Vulnerability Details

GHSA

GHSA-h2v3-phvr-8mc3: Missing Authorization vulnerability in eyecix JobSearch allows Exploiting Incorrectly Configured Access Control Security Levels↗2024-11-01

▶

CVEList

WordPress JobSearch WP Job Board WordPress Plugin plugin <= 2.5.4 - Broken Access Control vulnerability↗2024-11-01

▶