Unrated severityNVD Advisory· Published Mar 17, 2019· Updated Aug 5, 2024
CVE-2018-19488
CVE-2018-19488
Description
The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the cs_reset_pass() function through the admin-ajax.php file, which allows remote unauthenticated attackers to reset the password of a user's account.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<2.4+ 1 more
- (no CPE)range: <2.4
- (no CPE)range: <2.4
Patches
Vulnerability mechanics
References
1- wpvulndb.com/vulnerabilities/9206mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.