CVE-2023-4490

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Sep 25, 2023

Updated: Nov 7, 2023

Summary

CVE-2023-4490 is a SQL injection vulnerability affecting the WP Job Portal WordPress plugin before version 2.0.6. Malicious users can exploit this issue by injecting malicious SQL code through an unsanitized parameter, bypassing authentication and gaining unauthorized access to sensitive data or even taking control of the affected website. This vulnerability poses a significant risk to websites using the WP Job Portal plugin and should be addressed by installing the latest patches or upgrading to a secure version as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sbeW_8
https://www.cve.org/CVERecord?id=CVE-2023-4490
https://nvd.nist.gov/vuln/detail/CVE-2023-4490

Back to Vulnerability Database

CVE-2023-4490

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations