Primary

Context

WP Job Portal Insecure Direct Object Reference Vulnerability

Vulnerability

Patched

A vulnerability allowing Insecure Direct Object Reference (IDOR) has been identified in the WP Job Portal plugin for WordPress, specifically in versions through 2.2.4. This vulnerability arises from inadequate validation of user-controlled keys, enabling authenticated attackers with Subscriber-level access or higher to create jobs for companies with which they are not affiliated.

Impact

Exploitation of this vulnerability allows for unauthorized job creation on behalf of companies that the attacker is not associated with.

Remediation

Users can update to version 2.2.5 or a newer patched version to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.6

impact

0.6

exploitability

6.1

remediation

7.7

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.6

impact

0.6

exploitability

6.1

remediation

7.7

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

WP Job Portal Insecure Direct Object Reference Vulnerability

Vulnerability

Impact

Remediation

Affected Products

WP Job Portal

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating