VYPR
Unrated severity · NVD Advisory · Published Jun 16, 2026

WordPress JobSearch plugin <= 3.2.7 - Broken Access Control vulnerability

CVE-2026-49057

Description

Unauthenticated broken access control in JobSearch plugin <=3.2.7 allows attackers to execute privileged actions, posing a high risk of mass exploitation.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

The JobSearch plugin for WordPress, in versions up to and including 3.2.7, contains a broken access control vulnerability. The issue arises from missing authorization or nonce checks in one of the plugin's functions, which lets unauthenticated users perform actions that should require higher privileges. The vulnerability is classified as unauthenticated broken access control [1].

Exploitation

An attacker can exploit this vulnerability without any authentication by sending specially crafted HTTP requests to the vulnerable endpoint. No user interaction or special network position is required. The vulnerability is considered highly dangerous and is expected to be used in mass-exploit campaigns targeting thousands of websites [1].

Impact

Successful exploitation enables an unauthenticated attacker to execute higher privileged actions, potentially leading to full site compromise, unauthorized data access, or other malicious operations. The exact impact depends on the specific function affected, but the lack of access control can result in significant security breaches [1].

Mitigation

The vulnerability is fixed in version 3.2.8 of the JobSearch plugin. Users are strongly advised to update immediately. For those unable to update, Patchstack has issued a mitigation rule to block attacks until the update is applied. Given the expected mass exploitation, prompt action is critical [1].
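The Vulnerability and Mitigation sections above describe a missing authorization or nonce check in a plugin function. The following is an added illustration, not code from the JobSearch plugin or from this advisory: a hypothetical WordPress AJAX handler shown first in the unsafe shape (no capability check, no nonce check, exposed to unauthenticated callers) and then in the hardened shape; the action name, option name and function names are invented for the example.

```php
<?php
// Hypothetical WordPress AJAX handler. This is NOT the JobSearch plugin's code;
// the action name, option name and function names are invented for illustration.

// --- Unsafe pattern: registered for unauthenticated callers (wp_ajax_nopriv_)
// and performs a privileged change with no capability check and no nonce check.
add_action( 'wp_ajax_nopriv_example_save_settings', 'example_save_settings_unsafe' );
add_action( 'wp_ajax_example_save_settings', 'example_save_settings_unsafe' );

function example_save_settings_unsafe() {
    // Anyone who can reach admin-ajax.php can change this option.
    update_option( 'example_plugin_settings', wp_unslash( $_POST['settings'] ?? '' ) );
    wp_send_json_success();
}

// --- Hardened pattern: only the authenticated hook is registered for a
// privileged action, and the callback verifies both a nonce (request origin)
// and a capability (authorization) before doing anything.
add_action( 'wp_ajax_example_save_settings_safe', 'example_save_settings_safe' );

function example_save_settings_safe() {
    // Terminates the request (-1 / HTTP 403) if the nonce is missing or invalid.
    check_ajax_referer( 'example_save_settings', 'nonce' );

    // A valid nonce proves the request came from a page WordPress served to this
    // user; it does not prove privilege, so the capability check is still required.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient permissions.' ), 403 );
    }

    $settings = sanitize_text_field( wp_unslash( $_POST['settings'] ?? '' ) );
    update_option( 'example_plugin_settings', $settings );
    wp_send_json_success();
}

// The nonce the client must send is generated server-side for the logged-in user,
// for example when enqueueing the admin script:
// wp_localize_script( 'example-admin', 'exampleAjax', array(
//     'nonce' => wp_create_nonce( 'example_save_settings' ),
// ) );
```

When reviewing a plugin for this class of bug, look for every `wp_ajax_nopriv_` registration and every `admin_post_nopriv_` or REST route with `permission_callback` set to `__return_true`, and confirm that the callback does not reach a state-changing call.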

AI Insight generated on Jun 17, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 2

Patches: 0 (no patches discovered yet)

Vulnerability mechanics

No source-code context is available for this CVE; the mechanics section is only generated when the actual fix diff can be read. Without it, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References: 1

News mentions: 2