2025-03-14 04:22:33
Wordfence
PUBLISHED
The WP JobHunt plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 7.1. This is due to the plugin not properly verifying a users identity prior to authenticating them through the cs_parse_request() function. This makes it possible for unauthenticated attackers to to log in to any users account, including administrators.