CVE-2024-11286
Published: 14 March 2025
Description
Adversaries may obtain and abuse credentials of a local account as a means of gaining Initial Access, Persistence, Privilege Escalation, or Defense Evasion.
Security Summary
CVE-2024-11286 is an authentication bypass vulnerability in the WP JobHunt plugin for WordPress, affecting all versions up to and including 7.1. The flaw stems from the plugin's cs_parse_request() function failing to properly verify a user's identity before granting authentication, enabling unauthorized access.
Unauthenticated attackers can exploit this vulnerability remotely over the network with low attack complexity and no privileges or user interaction required, earning it a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and mapping to CWE-288 (Authentication Bypass Using an Alternate Path or Channel). Exploitation allows attackers to log in as any user, including administrators, granting full control over the affected WordPress site.
Mitigation details are available in related advisories, including the Wordfence threat intelligence report at https://www.wordfence.com/threat-intel/vulnerabilities/id/91754c4d-a0d0-4d35-a70a-446d2bdf6c73?source=cve and the plugin's ThemeForest page at https://themeforest.net/item/jobcareer-job-board-responsive-wordpress-theme/14221636.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability is an authentication bypass in a public-facing WordPress plugin allowing remote unauthenticated login as any user (including administrators), directly enabling T1190 (Exploit Public-Facing Application) for initial access and T1078.003 (Valid Accounts: Local Accounts) by abusing application accounts without credentials.