WP Job Portal – A Complete Job Board, CVE-2024-13371

CVE, Research URL: CVE-2024-13371
Home page URL: Security reports for WP Job Portal – A Complete Job Board
Application: WP Job Portal – A Complete Job Board
Published on: Feb 01, 2025
Research Description: The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to unauthorized arbitrary emails sending due to a missing capability check on the sendEmailToJobSeeker() function in all versions up to, and including, 2.2.6. This makes it possible for unauthenticated attackers to send arbitrary emails with arbitrary content from the sites mail server.
Affected versions: Min -, max 2.2.7.
Status: vulnerable

WP Job Portal &#8211; A Complete Job Board, CVE-2024-13371