Vulnerability-Lookup - Search a vulnerability

Refine your search

Product

Sort by

Order

Sources

1 vulnerability found for WP Job Manager by Automattic Inc.

jvndb-2017-000139

Vulnerability from jvndb

Published

2017-06-15 14:32

Modified

2017-06-15 14:32

Severity ?

5.3 (Medium) - cvssV3_0 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Summary

WordPress plugin "WP Job Manager" fails to restrict access permissions

Details

The WordPress plugin "WP Job Manager" provided by Automattic Inc. fails to restrict access permissions. Katsunori Kumagai of Kumasan, LLC. reported this issue to IPA under Information Security Early Warning Partnership.

References

Type

URL

	JVN	http://jvn.jp/en/jp/JVN56787058/index.html
	IPA SECURITY ALERTS	https://www.ipa.go.jp/security/ciadr/vul/20170615-jvn.html
	Permissions(CWE-264)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

Automattic Inc.

WP Job Manager

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000139.html",
  "dc:date": "2017-06-15T14:32+09:00",
  "dcterms:issued": "2017-06-15T14:32+09:00",
  "dcterms:modified": "2017-06-15T14:32+09:00",
  "description": "The WordPress plugin \"WP Job Manager\" provided by Automattic Inc. fails to restrict access permissions.\r\n\r\nKatsunori Kumagai of Kumasan, LLC. reported this issue to IPA under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000139.html",
  "sec:cpe": {
    "#text": "cpe:/a:automattic:wp_job_manager",
    "@product": "WP Job Manager",
    "@vendor": "Automattic Inc.",
    "@version": "2.2"
  },
  "sec:cvss": [
    {
      "@score": "5.0",
      "@severity": "Medium",
      "@type": "Base",
      "@vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
      "@version": "2.0"
    },
    {
      "@score": "5.3",
      "@severity": "Medium",
      "@type": "Base",
      "@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "@version": "3.0"
    }
  ],
  "sec:identifier": "JVNDB-2017-000139",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN56787058/index.html",
      "@id": "JVN#56787058",
      "@source": "JVN"
    },
    {
      "#text": "https://www.ipa.go.jp/security/ciadr/vul/20170615-jvn.html",
      "@id": "Security Alert for Vulnerability in WordPress plugin \"WP Job Manager\" (JVN#56787058)",
      "@source": "IPA SECURITY ALERTS"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-264",
      "@title": "Permissions(CWE-264)"
    }
  ],
  "title": "WordPress plugin \"WP Job Manager\" fails to restrict access permissions"
}