Volerion logoVolerion
Volerion logoVolerion

WP JobHunt Plugin Authentication Bypass Vulnerability

Vulnerability

A vulnerability allowing authentication bypass has been identified in the WP JobHunt plugin for WordPress, affecting all versions through 7.1. The issue arises because the plugin fails to properly verify a user's identity before authenticating them via the cs_parse_request() function. This flaw enables unauthenticated attackers to log in to any user's account, including those of administrators.

Impact

Exploitation of this vulnerability allows unauthenticated users to gain unauthorized access to any user's account, potentially including administrative accounts.

Remediation

No known patch is available. Users are advised to review the vulnerability details and consider uninstalling the affected plugin.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread
3.4
impact
5.0
exploitability
7.6
remediation
0.0
relevance
0.0
threat
0.0
urgency
2.9
incentive
5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.