Platform: wordpress
Component: wp-jobsearch
Fixed in: 2.3.5
CVE-2024-43245 is a critical Improper Privilege Management vulnerability discovered in eyecix JobSearch, a WordPress plugin. This vulnerability allows attackers to escalate their privileges within the system, potentially leading to full site compromise. It impacts versions of JobSearch prior to 2.3.5, and a patch is available in version 2.3.5.
The Improper Privilege Management flaw allows an attacker to bypass intended access controls and gain elevated privileges on the WordPress site where JobSearch is installed. This could enable them to modify user roles, install malicious plugins, access sensitive data, or even take complete control of the website. The potential blast radius is significant, as a successful exploit could compromise the entire WordPress installation and any connected databases or services. This is particularly concerning for sites using JobSearch for sensitive data handling or user authentication.
CVE-2024-43245 was publicly disclosed on August 19, 2024. The vulnerability's critical CVSS score (9.8) indicates a high probability of exploitation. As of this writing, there are no publicly available proof-of-concept exploits, but the ease with which privilege escalation vulnerabilities are typically weaponized often leads to rapid exploit development. Monitor security advisories and threat intelligence feeds for updates on exploitation activity.
WordPress sites utilizing the eyecix JobSearch plugin, particularly those running older versions (≤2.3.4), are at significant risk. Shared hosting environments where multiple websites share the same server resources are also at increased risk, as a compromise of one site could potentially lead to lateral movement to others.
• wordpress / composer / npm: wp plugin list | grep -i jobsearch
• wordpress / composer / npm: wp plugin update --all
• wordpress / composer / npm: wp plugin status wp-jobsearch
• generic web: Check the WordPress admin panel for unauthorized user role changes or plugin installations.
disclosure
Exploit status
EPSS: 0.35% (percentile 58%)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2024-43245 is to immediately upgrade to eyecix JobSearch version 2.3.5 or later. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider temporarily restricting access to the JobSearch plugin's administrative interface. While not a complete solution, this can limit the attacker's ability to exploit the vulnerability. Monitor WordPress access logs for suspicious activity, particularly attempts to modify user roles or install plugins from untrusted sources. Implement a Web Application Firewall (WAF) with rules to block attempts to exploit privilege escalation vulnerabilities.
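As an added example that is not part of this advisory, the script below ties the detection commands listed earlier to the log-monitoring advice in the paragraph above: it flags a JobSearch version below the 2.3.5 fix and filters access-log lines for POST requests to the WordPress core admin endpoints used to change user roles or install plugins. The WP-CLI live check (wp plugin get --field=version) and the sample log lines are assumptions constructed for offline use, not output from a real site.

```shell
#!/bin/sh
# Added example for CVE-2024-43245; not code from the advisory or the plugin.
FIXED_VERSION="2.3.5"   # first fixed release named in the advisory

# Returns 0 (vulnerable) when $1 sorts below 2.3.5, 1 when it is 2.3.5 or later.
# Pure awk comparison so it works without GNU "sort -V".
is_vulnerable_version() {
    printf '%s\n%s\n' "$1" "$FIXED_VERSION" | awk -F. '
        NR == 1 { for (i = 1; i <= 3; i++) have[i] = $i + 0 }
        NR == 2 { for (i = 1; i <= 3; i++) need[i] = $i + 0 }
        END {
            for (i = 1; i <= 3; i++) {
                if (have[i] < need[i]) exit 0   # below the fix: vulnerable
                if (have[i] > need[i]) exit 1
            }
            exit 1                              # equal: already fixed
        }'
}

# Reads access-log lines on stdin; prints POSTs to core endpoints that change
# roles (user-edit.php, users.php) or install plugins (update.php, plugin-install.php).
suspicious_admin_requests() {
    grep -E '"POST /wp-admin/(user-edit\.php|users\.php|update\.php\?action=(install|upload)-plugin|plugin-install\.php)'
}

# Live check with WP-CLI (assumed available on the target host); slug from the advisory.
check_installed_jobsearch() {
    command -v wp >/dev/null 2>&1 || { echo "wp-cli not found; skipping live check" >&2; return 2; }
    installed=$(wp plugin get wp-jobsearch --field=version 2>/dev/null) || { echo "wp-jobsearch not installed"; return 1; }
    if is_vulnerable_version "$installed"; then
        echo "wp-jobsearch $installed is vulnerable to CVE-2024-43245; update to $FIXED_VERSION"
    else
        echo "wp-jobsearch $installed is at or above $FIXED_VERSION"
    fi
}

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG='203.0.113.5 - - [19/Aug/2024:10:00:01 +0000] "GET /jobs/ HTTP/1.1" 200 5120
203.0.113.5 - - [19/Aug/2024:10:00:07 +0000] "POST /wp-admin/user-edit.php HTTP/1.1" 302 0
203.0.113.5 - - [19/Aug/2024:10:00:09 +0000] "POST /wp-admin/update.php?action=upload-plugin HTTP/1.1" 302 0
198.51.100.7 - - [19/Aug/2024:10:01:00 +0000] "GET /wp-admin/users.php HTTP/1.1" 200 8810'

# Number of flagged lines in the sample (2 for the data above).
count_suspicious_in_sample() {
    printf '%s\n' "$SAMPLE_LOG" | suspicious_admin_requests | wc -l | tr -d ' '
}

printf '%s\n' "$SAMPLE_LOG" | suspicious_admin_requests
```

On a real host, pipe the web server's access log into suspicious_admin_requests and run check_installed_jobsearch from the WordPress root.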
Update the JobSearch plugin to the latest available version. The most recent version includes a fix for the privilege escalation vulnerability. To update, go to the WordPress admin panel, open the 'Plugins' section and search for 'JobSearch'. If an update is available, click 'Update now'.
CVE-2024-43245 is a critical vulnerability in the eyecix JobSearch WordPress plugin that allows attackers to gain elevated privileges, potentially compromising the entire website.
Yes, if you are using eyecix JobSearch version 2.3.4 or earlier, you are affected by this vulnerability and should upgrade immediately.
Upgrade to eyecix JobSearch version 2.3.5 or later to remediate the vulnerability. If immediate upgrade is not possible, restrict access to the plugin's admin interface.
While no public exploits are currently available, the critical severity and ease of exploitation suggest a high likelihood of active exploitation in the near future.
Refer to the official eyecix JobSearch plugin documentation and WordPress security announcements for the latest advisory and updates.