CVE-2023-51545

9.6 CRITICAL

📋 TL;DR

This vulnerability in the WordPress Job Manager & Career plugin is a Cross-Site Request Forgery (CSRF) that leads to PHP object injection. The attacker needs no account: they lure a logged-in administrator into visiting an attacker-controlled page (or clicking a link) that submits a forged request to the plugin, which accepts it without a valid nonce and passes attacker-controlled data to unserialize(). With a usable gadget chain on the site, this can lead to remote code execution. Every WordPress site running an affected plugin version is exposed.

💻 Affected Systems

Products:
  • WordPress Job Manager & Career plugin
Versions: All versions up to and including 1.4.4
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Requires a WordPress installation with the plugin active. The attack requires a logged-in administrator to interact with attacker-controlled content (visit a page or click a link) while their session is valid.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution (if a usable PHP gadget chain exists in the installed core, plugins or themes) leading to complete site compromise, data theft, malware installation, or site defacement.

🟠 Likely Case: Privilege escalation, data manipulation, or unauthorized administrative actions via CSRF-triggered object injection.

🟢 If Mitigated: Limited impact with proper CSRF protections (nonce and capability checks) and input validation in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

The attacker does not need an account on the site: the forged request is sent by the browser of an administrator who is logged in and visits an attacker-controlled page (or clicks a link) while the session is active. The plugin handler accepts the request without a valid WordPress nonce and passes attacker-controlled data to unserialize(), giving PHP object injection. Escalating that to code execution depends on a usable gadget chain in the installed WordPress core, plugins and themes, so the practical impact varies per site.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.4.5 or later

Vendor Advisory: https://patchstack.com/database/vulnerability/job-manager-career/wordpress-job-manager-career-plugin-1-4-4-cross-site-request-forgery-csrf-to-php-object-injection-vulnerability

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find the 'Job Manager & Career' plugin.
4. Click 'Update Now' if available.
5. Alternatively, download version 1.4.5 or later from the WordPress plugin repository and update manually.

🔧 Temporary Workarounds

Disable Plugin (applies to: all platforms)

Temporarily deactivate the vulnerable plugin until it is patched. This is the only workaround a site operator can apply without changing plugin code.

wp plugin deactivate job-manager-career

Implement CSRF Protection (applies to: all platforms)

This is a code-level fix for the plugin developer, not a setting an operator can toggle: every state-changing form and AJAX handler needs WordPress nonce verification (check_admin_referer / check_ajax_referer) plus a capability check (current_user_can), and attacker-supplied input must never reach unserialize().
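Added example, not code from the Job Manager & Career plugin: a hypothetical admin-ajax handler showing the vulnerable pattern (no nonce, no capability check, attacker bytes fed to unserialize()) next to a hardened version of the same handler. The action name `jmc_import_settings`, the option name `jmc_settings` and the settings fields are assumptions; the WordPress functions used (check_ajax_referer, current_user_can, wp_send_json_error, wp_create_nonce, etc.) are real core APIs.

```php
<?php
// Added example, not code from the Job Manager & Career plugin.
// Hypothetical admin-ajax handler: the CSRF -> PHP object injection pattern
// and its hardened counterpart. Action and option names are assumptions.

// --- Vulnerable pattern ---------------------------------------------------
// Any request that an administrator's browser sends reaches this handler,
// and nothing proves the administrator intended it: no nonce, no capability
// check, and attacker-controlled bytes go straight into unserialize(), which
// instantiates whatever class the payload names and runs its __wakeup() and
// later __destruct() methods (the object injection primitive).
add_action( 'wp_ajax_jmc_import_settings_vuln', function () {
    $settings = unserialize( wp_unslash( $_POST['settings'] ?? '' ) ); // object injection
    update_option( 'jmc_settings', $settings );
    wp_send_json_success();
} );

// --- Hardened pattern -----------------------------------------------------
add_action( 'wp_ajax_jmc_import_settings', 'jmc_import_settings_safe' );
function jmc_import_settings_safe() {
    // 1. CSRF: the request must carry a nonce that only a page rendered for
    //    this user could have contained; a form on an attacker's site cannot
    //    obtain it. check_ajax_referer() terminates the request on failure.
    check_ajax_referer( 'jmc_import_settings', '_ajax_nonce' );

    // 2. Authorization: a nonce proves intent, not privilege.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    // 3. Never unserialize() attacker-supplied input. Accept JSON instead and
    //    rebuild only the fields you expect, each sanitized for its type.
    $raw  = isset( $_POST['settings'] ) ? wp_unslash( $_POST['settings'] ) : '';
    $data = json_decode( $raw, true );
    if ( ! is_array( $data ) ) {
        wp_send_json_error( 'invalid settings', 400 );
    }
    $clean = array(
        'per_page' => isset( $data['per_page'] ) ? absint( $data['per_page'] ) : 10,
        'currency' => isset( $data['currency'] ) ? sanitize_text_field( $data['currency'] ) : 'USD',
    );
    update_option( 'jmc_settings', $clean );
    wp_send_json_success( $clean );
}

// The admin page that submits to the hardened handler exposes the nonce to
// its JavaScript, which sends it as the _ajax_nonce POST field:
add_action( 'admin_enqueue_scripts', function () {
    wp_localize_script( 'jmc-admin', 'jmcAdmin', array(
        'nonce' => wp_create_nonce( 'jmc_import_settings' ),
    ) );
} );

// If legacy serialized data genuinely must be read, at least forbid object
// instantiation (PHP >= 7.0), which removes the gadget-chain entry point:
//   unserialize( $raw, array( 'allowed_classes' => false ) );
```

The order of checks matters: the nonce check runs first so that a forged request is rejected before any code that could have side effects, and the capability check runs regardless of the nonce because a low-privileged user could obtain a valid nonce for their own session.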

🧯 If You Can't Patch

  • Deactivate the plugin until you can update; nothing short of that removes the vulnerable handler.
  • Restricting /wp-admin to trusted networks reduces who can reach the endpoints but does not stop this CSRF: the forged request comes from the administrator's own browser, which is inside the trusted network.
  • Deploy a web application firewall with rules that block POST bodies containing serialized PHP objects (O:<n>:"<ClassName>":) on wp-admin endpoints and cross-origin POSTs to admin-ajax.php / admin-post.php.
  • Have administrators use a separate browser profile for site administration and log out when finished, so an attacker-controlled page in their everyday browsing has no session to ride.

🔍 How to Verify

Check if Vulnerable:

In the WordPress admin panel go to Plugins > Installed Plugins and find Job Manager & Career. If the version is 1.4.4 or lower, the site is vulnerable (an inactive plugin is not exploitable, but update it anyway before reactivating).

Check Version:

wp plugin get job-manager-career --field=version

Verify Fix Applied:

Verify plugin version is 1.4.5 or higher in WordPress admin plugins page.

📡 Detection & Monitoring

Log Indicators:

  • POST requests to /wp-admin/admin-ajax.php or /wp-admin/admin-post.php whose Referer (or Origin) header is missing or points to a host other than the site itself, from an IP that is otherwise logged in as an administrator.
  • PHP error-log entries such as "unserialize(): Error at offset ... of ... bytes", which appear when malformed serialized input reaches unserialize(), or notices about __PHP_Incomplete_Class when a payload names a class that is not loaded. Both are typical of an attacker tuning a payload.
  • Nonce failures are not an indicator here: the vulnerable handler performs no nonce check, so a successful forged request produces no "link has expired" / -1 response.

Network Indicators:

  • Request bodies to plugin or admin-ajax endpoints containing serialized PHP objects (the O:<len>:"<ClassName>":<n>:{ shape, possibly URL-encoded). Standard access logs do not record bodies; this requires a WAF, reverse proxy or ModSecurity audit log that does.
  • Cross-site POSTs to admin endpoints as above, seen at the WAF or proxy.

SIEM Query:

Keyword matches on "serialize" or "unserialize" rarely fire: web server access logs do not record POST bodies and the plugin does not log the call. Pivot on request shape instead (field names follow Splunk-style web-log conventions and may differ in your log source; replace the site host with your own):

source="access.log" method=POST (uri_path="/wp-admin/admin-ajax.php" OR uri_path="/wp-admin/admin-post.php") NOT referer="https://your-site.example/*"

Where a WAF or ModSecurity audit log captures request bodies, add a body match for a serialized PHP object, for example the regex O:\d+:"[^"]+":\d+:\{
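The two checks above as working detection logic, added here as an example (not part of the original page): a PHP script that parses Apache/nginx combined-format access-log lines and reports cross-site POSTs to WordPress admin endpoints, plus a separate body check for serialized PHP objects that applies only to log sources that record request bodies. The site host, the log lines and the request body are constructed for the example.

```php
<?php
// Added example, not from the original page or the plugin. Detects the CSRF
// shape of this issue in combined-format access logs (constructed below) and
// checks a request body for PHP serialized objects. Access logs carry no
// body, so looksLikeSerializedObject() is meant for WAF/ModSecurity audit
// logs or any other source that records POST bodies.

const SITE_HOST       = 'jobs.example.com'; // assumption: the protected site
const ADMIN_ENDPOINTS = '#^/wp-admin/(admin-ajax|admin-post)\.php#';

// Parse one combined-format line into an associative array (null if no match).
function parseCombinedLine(string $line): ?array {
    $re = '/^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) \S+ "([^"]*)" "([^"]*)"/';
    if (!preg_match($re, $line, $m)) {
        return null;
    }
    return ['ip' => $m[1], 'time' => $m[2], 'method' => $m[3], 'path' => $m[4],
            'status' => (int) $m[5], 'referer' => $m[6], 'ua' => $m[7]];
}

// A POST to an admin endpoint is suspicious when the Referer host is absent or
// differs from the site host. Legitimate wp-admin traffic carries a same-site
// Referer, so "-" is flagged as well (a referrer policy can strip it, which
// is worth a look on its own).
function isCrossSiteAdminPost(array $req, string $siteHost = SITE_HOST): bool {
    if ($req['method'] !== 'POST' || !preg_match(ADMIN_ENDPOINTS, $req['path'])) {
        return false;
    }
    $host = parse_url($req['referer'], PHP_URL_HOST);
    return $host === null || $host === false || strcasecmp($host, $siteHost) !== 0;
}

// Serialized PHP objects start with O:<len>:"<Class>":<n>:{ (C: for classes
// implementing Serializable). The body is URL-decoded first so that form
// encoded payloads are caught too.
function looksLikeSerializedObject(string $body): bool {
    return (bool) preg_match('/[OC]:\d+:"[^"]+":\d+:\{/', rawurldecode($body));
}

function scanAccessLog(array $lines, string $siteHost = SITE_HOST): array {
    $hits = [];
    foreach ($lines as $n => $line) {
        $req = parseCombinedLine($line);
        if ($req !== null && isCrossSiteAdminPost($req, $siteHost)) {
            $hits[] = ['line' => $n + 1, 'ip' => $req['ip'],
                       'path' => $req['path'], 'referer' => $req['referer']];
        }
    }
    return $hits;
}

// Constructed sample traffic (not real log data): one same-site admin POST,
// one POST riding the admin session from an attacker page, one harmless GET,
// and one POST with no Referer at all.
$sampleLines = [
    '203.0.113.9 - - [10/Jan/2024:10:12:01 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 43 "https://jobs.example.com/wp-admin/admin.php?page=jmc" "Mozilla/5.0"',
    '203.0.113.9 - - [10/Jan/2024:10:14:37 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 43 "https://attacker.example.net/free-gift.html" "Mozilla/5.0"',
    '203.0.113.9 - - [10/Jan/2024:10:15:02 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 12 "https://jobs.example.com/wp-admin/" "Mozilla/5.0"',
    '198.51.100.4 - - [10/Jan/2024:10:16:44 +0000] "POST /wp-admin/admin-post.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
];

foreach (scanAccessLog($sampleLines) as $hit) {
    printf("line %d: cross-site POST from %s to %s (Referer: %s)\n",
        $hit['line'], $hit['ip'], $hit['path'], $hit['referer']);
}

// Constructed form-encoded body as a WAF audit log would record it; the
// settings field decodes to a serialized object of a made-up class.
$body = 'action=jmc_import&settings=O%3A8%3A%22Evil_Obj%22%3A1%3A%7Bs%3A3%3A%22cmd%22%3Bs%3A2%3A%22id%22%3B%7D';
printf("body carries serialized object: %s\n", looksLikeSerializedObject($body) ? 'yes' : 'no');
```

Run it with `php detect.php` (any file name). The Referer check is the one that works on logs most sites already have; treat it as a triage signal rather than proof, since privacy extensions and referrer policies also blank the header. The body check is the stronger signal but needs a log source that keeps request bodies, which is why a WAF in front of wp-admin is worth the effort while the plugin is unpatched.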
