1 results (0.002 seconds)

CVSS: 6.5EPSS: %CPEs: 1EXPL: 0

CVE-2023-28689 – JS Job Manager <= 2.0.0 - Missing Authorization

https://notcve.org/view.php?id=CVE-2023-28689

The JS Job Manager plugin for WordPress is vulnerable to unauthorized access to plugin functionality due to missing capability checks on several functions called via AJAX actions in versions up to, and including, 2.0.0. This makes it possible for authenticated attackers with subscriber-level access, and above, to make use of much of the plugin's functionality. • CWE-862: Missing Authorization •