Vulnerability Description
The WP Job Board Pro plugin for WordPress is vulnerable to privilege escalation in all versions up to 2.3.16. This is due to the plugin allowing a user to supply the 'role' field when registering. This makes it possible for unauthenticated attackers to register as an administrator on vulnerable sites. Please note that this may have been patched sooner, however, the oldest available version for us to confirm this is patched in was 1.2.85.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apusthemes | Superio | <= 1.2.76 |
Related Weaknesses (CWE)
References
- https://themeforest.net/item/superio-job-board-wordpress-theme/32180231Product
- https://www.wordfence.com/threat-intel/vulnerabilities/id/7cdfce88-b6c2-4820-9d6Third Party Advisory
FAQ
What is CVE-2024-12213?
CVE-2024-12213 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The WP Job Board Pro plugin for WordPress is vulnerable to privilege escalation in all versions up to 2.3.16. This is due to the plugin allowing a user to supply the 'role' field when registering. Thi...
How severe is CVE-2024-12213?
CVE-2024-12213 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2024-12213?
Check the references section above for vendor advisories and patch information. Affected products include: Apusthemes Superio.