CVE-2023-5906

7.5 HIGH

📋 TL;DR

The Job Manager & Career WordPress plugin before version 1.4.4 contains an authorization bypass vulnerability in its Directory Listings system. This allows unauthenticated attackers to access and download private files belonging to other users. All WordPress sites running vulnerable versions of this plugin are affected.

💻 Affected Systems

Products:
  • Job Manager & Career WordPress plugin
Versions: All versions before 1.4.4
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability is present in the default plugin configuration whenever the directory listings feature is enabled.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers exfiltrate sensitive user data including resumes, identification documents, financial information, or proprietary business files, leading to data breaches, identity theft, and regulatory violations.

🟠 Likely Case

Attackers download private user files containing personal information, potentially leading to privacy violations and reputational damage.

🟢 If Mitigated

With proper access controls and monitoring, unauthorized access attempts are detected and blocked before sensitive data is compromised.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires no authentication and minimal technical skill.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.4.4

Vendor Advisory: https://wpscan.com/vulnerability/911d495c-3867-4259-a73a-572cd4fccdde

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find the 'Job Manager & Career' plugin.
4. Click 'Update Now' if an update is available.
5. If no update is available, manually download version 1.4.4+ from the WordPress repository.

🔧 Temporary Workarounds

Disable Directory Listings (applies to: all)

Temporarily disable the directory listings feature in the plugin settings.

Disable Plugin (applies to: all)

Deactivate the vulnerable plugin until it is patched.

🧯 If You Can't Patch

  • Implement web application firewall rules to block unauthorized directory access attempts
  • Restrict plugin access using .htaccess or web server configuration to limit exposure

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel → Plugins → Job Manager & Career → Version number

Check Version:

wp plugin list --name='job-manager-career' --field=version

Verify Fix Applied:

Verify plugin version is 1.4.4 or higher in WordPress admin panel

📡 Detection & Monitoring

Log Indicators:

  • Unusual file download patterns from directory listing endpoints
  • Multiple 200/403 responses to private file paths from unauthenticated users

Network Indicators:

  • Unusual traffic to /wp-content/plugins/job-manager-career/ directory paths
  • Multiple GET requests for private files from same IP

SIEM Query:

source="web_logs" AND (uri="/wp-content/plugins/job-manager-career/*" OR user_agent="*scanner*") AND response_code=200
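As an added example (not part of this advisory), the following Python script applies the log indicators above to constructed access-log lines in Apache/nginx combined format: it counts 200 and 403 responses per source IP for GET requests under the plugin's path, ignores static assets, and reports IPs that exceed a threshold. The file sub-paths, hostnames and IPs are constructed placeholders, not the plugin's real layout.

```python
import re
from collections import defaultdict

# Plugin path named in the advisory's network indicators.
PLUGIN_PREFIX = "/wp-content/plugins/job-manager-career/"
# Static assets a normal visitor legitimately fetches; not "private files".
STATIC_EXT = (".css", ".js", ".png", ".jpg", ".gif", ".svg", ".woff", ".woff2")

# Apache/nginx combined log format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<uri>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
)

# Constructed sample log lines; sub-paths, hosts and IPs are placeholders.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Nov/2023:12:00:01 +0000] "GET /wp-content/plugins/job-manager-career/uploads/file-1.pdf HTTP/1.1" 200 48211 "-" "curl/8.1"
203.0.113.7 - - [10/Nov/2023:12:00:02 +0000] "GET /wp-content/plugins/job-manager-career/uploads/file-2.pdf HTTP/1.1" 200 50112 "-" "curl/8.1"
203.0.113.7 - - [10/Nov/2023:12:00:03 +0000] "GET /wp-content/plugins/job-manager-career/uploads/file-3.pdf HTTP/1.1" 403 0 "-" "curl/8.1"
198.51.100.4 - - [10/Nov/2023:12:05:00 +0000] "GET /wp-content/plugins/job-manager-career/assets/style.css HTTP/1.1" 200 1200 "https://example.test/jobs" "Mozilla/5.0"
198.51.100.9 - - [10/Nov/2023:12:06:00 +0000] "GET /wp-content/plugins/job-manager-career/uploads/file-1.pdf HTTP/1.1" 200 48211 "https://example.test/jobs" "Mozilla/5.0"
"""

def count_plugin_file_requests(log_text):
    """Per source IP, count GETs under the plugin path that returned 200 or 403,
    skipping static assets. Returns {ip: {"200": n, "403": m}}."""
    counts = defaultdict(lambda: {"200": 0, "403": 0})
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or m["method"] != "GET":
            continue
        uri = m["uri"].split("?", 1)[0]
        if not uri.startswith(PLUGIN_PREFIX) or uri.lower().endswith(STATIC_EXT):
            continue
        if m["status"] in ("200", "403"):
            counts[m["ip"]][m["status"]] += 1
    return dict(counts)

def flag_bulk_downloaders(log_text, threshold=3):
    """IPs whose combined 200+403 hits on non-static plugin paths reach the threshold."""
    return {ip: c for ip, c in count_plugin_file_requests(log_text).items()
            if c["200"] + c["403"] >= threshold}

if __name__ == "__main__":
    for ip, c in flag_bulk_downloaders(SAMPLE_LOG).items():
        print(f"{ip}: {c['200']} successful, {c['403']} forbidden plugin file requests")
```

Tune the threshold to the site's normal traffic; a burst of 403s alongside 200s from one IP is the pattern worth alerting on, since it suggests enumeration of files the requester cannot all reach.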
