CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49322 – WordPress Job Board Manager for WordPress plugin <= 1.0 - Privilege Escalation vulnerability
https://notcve.org/view.php?id=CVE-2024-49322
15 Oct 2024 — Incorrect Privilege Assignment vulnerability in CodePassenger Job Board Manager for WordPress allows Privilege Escalation.This issue affects Job Board Manager for WordPress: from n/a through 1.0. The Job Board Manager for WordPress plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.0. This is due to the plugin not properly restricting access to what roles a user can update in the update_user_data() function. This makes it possible for unauthenticated attackers... • https://patchstack.com/database/vulnerability/jemployee/wordpress-job-board-manager-for-wordpress-plugin-1-0-privilege-escalation-vulnerability?_s_id=cve • CWE-266: Incorrect Privilege Assignment •