Platform
wordpress
Component
wpjobboard
Fixed in
5.11.1
CVE-2025-30967 describes a critical Remote Code Execution (RCE) vulnerability within the WPJobBoard WordPress plugin. This flaw allows an attacker to leverage Cross-Site Request Forgery (CSRF) to upload a malicious web shell to the web server, granting them unauthorized access and control. The vulnerability impacts versions of WPJobBoard from 0.0 up to and including 5.11.1; upgrading to version 5.11.1 resolves the issue.
The impact of CVE-2025-30967 is severe. Successful exploitation allows an attacker to upload a web shell, effectively providing them with a backdoor into the web server. This can lead to complete compromise of the WordPress site, including data exfiltration, modification of website content, and potentially access to the underlying server infrastructure. The CSRF nature of the vulnerability means an attacker doesn't necessarily need to authenticate to exploit it, making it particularly dangerous. A web shell allows for arbitrary code execution, enabling attackers to install malware, pivot to other systems on the network, and disrupt services.
CVE-2025-30967 was publicly disclosed on 2025-04-15. The vulnerability's CSRF nature and the ease of web shell deployment suggest a moderate probability of exploitation. Public proof-of-concept (PoC) code is likely to emerge, further increasing the risk. Monitor security advisories and threat intelligence feeds for any indications of active exploitation campaigns targeting WPJobBoard installations.
Websites utilizing the WPJobBoard plugin, particularly those running older, unpatched versions (0.0 - 5.11.1), are at significant risk. Shared hosting environments where WordPress installations have limited access controls are especially vulnerable, as an attacker compromising one site could potentially exploit this vulnerability to gain access to others on the same server.
• wordpress / composer / npm:
grep -r 'wp_insert_file' /var/www/html/wp-content/plugins/wpjobboard/
• wordpress / composer / npm:
wp plugin list --status=active | grep wpjobboard
• wordpress / composer / npm:
curl -I https://your-wordpress-site.com/wp-content/plugins/wpjobboard/ | grep Server
Disclosure
Exploit Status
EPSS
0.12% (percentile 31%)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2025-30967 is to immediately upgrade the WPJobBoard plugin to version 5.11.1 or later. If upgrading is not immediately feasible due to compatibility concerns or breaking changes, consider implementing a temporary workaround by restricting file upload permissions within the WordPress environment. Specifically, limit the allowed file types and directories accessible for uploads. Web Application Firewalls (WAFs) can be configured to detect and block suspicious file upload attempts, particularly those involving common web shell extensions. Monitor WordPress logs for unusual activity, such as unexpected file uploads or modifications.
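As an added illustration of the interim workaround above (this is example code written for this page, not code from WPJobBoard or from the advisory), the following must-use plugin applies two of the controls the paragraph describes on a WordPress site: it narrows the MIME types WordPress will accept on upload to an explicit allow-list, and it rejects any file whose name carries an executable extension anywhere in it (e.g. `shell.php.jpg`). It also shows the standard WordPress pattern for closing the CSRF gap in a form handler: a nonce check plus a capability check before any upload is processed. The action name `example_upload_form` and the handler `example_handle_upload` are hypothetical placeholders for whatever form the site actually exposes; the WordPress filters and functions used (`upload_mimes`, `wp_handle_upload_prefilter`, `wp_verify_nonce`, `current_user_can`, `wp_handle_upload`) are real core APIs.

```php
<?php
/**
 * Plugin Name: Upload Hardening (added example, not part of WPJobBoard)
 * Description: Allow-list upload MIME types, reject executable extensions,
 *              and require a nonce + capability before handling uploads.
 * Install as wp-content/mu-plugins/upload-hardening.php
 */

// 1. Allow-list: only these upload types survive. Keys must match the keys
//    WordPress uses in wp_get_mime_types(), e.g. 'jpg|jpeg|jpe'.
add_filter('upload_mimes', function (array $mimes): array {
    $allowed = ['jpg|jpeg|jpe', 'png', 'gif', 'pdf', 'doc', 'docx'];
    return array_intersect_key($mimes, array_flip($allowed));
});

// 2. Reject executable extensions anywhere in the file name, not just at
//    the end, so double-extension tricks like "cv.php.pdf" are also blocked.
//    Setting $file['error'] makes wp_handle_upload() abort with that message.
add_filter('wp_handle_upload_prefilter', function (array $file): array {
    $dangerous = ['php', 'php3', 'php4', 'php5', 'php7', 'php8', 'phtml',
                  'phar', 'cgi', 'pl', 'sh', 'htaccess'];
    $parts = array_map('strtolower', explode('.', $file['name']));
    array_shift($parts); // drop the base name, keep only extension parts
    foreach ($parts as $ext) {
        if (in_array($ext, $dangerous, true)) {
            $file['error'] = 'Upload rejected: executable file extension "' . $ext . '".';
            return $file;
        }
    }
    return $file;
});

// 3. CSRF-safe handler pattern (hypothetical action name). A forged
//    cross-site POST cannot carry a valid nonce, and an anonymous visitor
//    fails the capability check, so the upload is never processed.
function example_handle_upload(): void {
    if (!isset($_POST['_wpnonce']) ||
        !wp_verify_nonce($_POST['_wpnonce'], 'example_upload_form')) {
        wp_die('Invalid request token.', 'Forbidden', ['response' => 403]);
    }
    if (!current_user_can('upload_files')) {
        wp_die('Insufficient privileges.', 'Forbidden', ['response' => 403]);
    }
    if (empty($_FILES['attachment'])) {
        wp_die('No file supplied.', 'Bad Request', ['response' => 400]);
    }
    // test_form => false: this is not the core media form, so skip its
    // action-field check; the prefilter above still runs.
    $result = wp_handle_upload($_FILES['attachment'], ['test_form' => false]);
    if (isset($result['error'])) {
        wp_die(esc_html($result['error']), 'Upload failed', ['response' => 400]);
    }
    // $result['file'] / $result['url'] now point at the stored file.
}
add_action('admin_post_example_upload', 'example_handle_upload');
```

Two caveats when using this as a stop-gap. The filters only apply to uploads that pass through WordPress's own upload pipeline (`wp_handle_upload` and the media functions); a plugin that calls `move_uploaded_file` directly bypasses them, which is why the real fix is the plugin update. Second, pair this with a web-server rule that refuses to execute PHP under `wp-content/uploads/` (for Apache, a `.htaccess` in that directory; for nginx, a `location` block returning 403 for `\.php$`), so that even a file that slips past name checks cannot be run.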
Update the WPJobBoard plugin to version 5.11.1 or later to mitigate the CSRF vulnerability that could allow remote code execution. Make sure to back up your website before updating the plugin. Verify that the update is compatible with your other plugins and themes.
CVE-2025-30967 is a critical Remote Code Execution vulnerability in the WPJobBoard WordPress plugin, allowing attackers to upload web shells via CSRF.
You are affected if you are using WPJobBoard versions 0.0 through 5.11.1. Immediately check your plugin version and upgrade if necessary.
Upgrade the WPJobBoard plugin to version 5.11.1 or later. If immediate upgrade is not possible, implement temporary workarounds like restricting file upload permissions.
While no active exploitation has been confirmed, the vulnerability's severity and ease of exploitation suggest a moderate probability of exploitation.
Refer to the official WPJobBoard website and WordPress plugin repository for the latest security advisories and updates related to CVE-2025-30967.