The WP JobSearch WordPress plugin before 2.3.4 does not prevent attackers from logging-in as any users with the only knowledge of that user's email address.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: WPScan
Published: 2024-02-27T08:30:26.628Z
Updated: 2024-08-02T08:35:14.824Z
Reserved: 2023-12-07T15:00:43.235Z
Link: CVE-2023-6584
Vulnrichment
Updated: 2024-07-25T16:03:28.318Z
NVD
Status : Awaiting Analysis
Published: 2024-02-27T09:15:37.087
Modified: 2024-11-21T08:44:09.203
Link: CVE-2023-6584
Redhat
No data.