CVE-2024-43931

CWE-502Deserialization of Untrusted Data3 documents3 sources
Severity
9.8CRITICAL
EPSS
1.2%
top 21.15%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Eyecix Jobsearch WP JOB BoardEyecix Jobsearch
Timeline
PublishedAug 29

Description

Deserialization of Untrusted Data vulnerability in eyecix JobSearch allows Object Injection.This issue affects JobSearch: from n/a through 2.5.3.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

CVEListV5eyecix/jobsearchn/a2.5.3

🔴Vulnerability Details

2
CVEList
WordPress JobSearch WP Job Board WordPress Plugin plugin <= 2.5.3 - PHP Object Injection vulnerability2024-08-29
GHSA
GHSA-3gcf-28pg-3vm2: Deserialization of Untrusted Data vulnerability in eyecix JobSearch allows Object Injection2024-08-29
CVE-2024-43931 (CRITICAL CVSS 9.8) | Deserialization of Untrusted Data v | cvebase.io