The WP JobSearch WordPress plugin before 2.3.4 does not prevent attackers from logging-in as any users with the only knowledge of that user's email address.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2024-02-27T08:30:26.628Z

Updated: 2024-08-02T08:35:14.824Z

Reserved: 2023-12-07T15:00:43.235Z

Link: CVE-2023-6584

cve-icon Vulnrichment

Updated: 2024-07-25T16:03:28.318Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-02-27T09:15:37.087

Modified: 2024-11-21T08:44:09.203

Link: CVE-2023-6584

cve-icon Redhat

No data.