CVE-2024-43929

CWE-862 — Missing Authorization3 documents3 sources

Severity

9.8CRITICAL

EPSS

0.4%

top 40.48%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Eyecix Jobsearch WP JOB Board Eyecix Jobsearch

Timeline

PublishedNov 1

Description

Missing Authorization vulnerability in eyecix JobSearch allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JobSearch: from n/a through 2.5.4.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:NExploitability: 3.9 | Impact: 2.5

Affected Packages2 packages

▶NVDeyecix/jobsearch_wp_job_board< 2.5.6

▶CVEListV5eyecix/jobsearchn/a — 2.5.4

🔴Vulnerability Details

CVEList

WordPress JobSearch WP Job Board WordPress Plugin plugin <= 2.5.4 - Broken Access Control vulnerability↗2024-11-01

▶

GHSA

GHSA-mp2v-wwm5-4rrw: Missing Authorization vulnerability in eyecix JobSearch allows Accessing Functionality Not Properly Constrained by ACLs↗2024-11-01

▶