CVE-2023-7049
📋 TL;DR
The Custom Field For WP Job Manager WordPress plugin has an Insecure Direct Object Reference vulnerability that allows authenticated attackers with contributor-level access or higher to access potentially sensitive post metadata. This occurs because the 'cm_fieldshow' shortcode doesn't properly validate the 'job_id' parameter. WordPress sites using vulnerable versions of this plugin are affected.
💻 Affected Systems
- Custom Field For WP Job Manager WordPress plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers could access sensitive metadata from posts they shouldn't have permission to view, potentially exposing private information, draft content, or internal notes.
Likely Case
Contributors or authors could view metadata from other users' posts, potentially gaining insight into unpublished content or internal processes.
If Mitigated
With proper access controls and plugin updates, the risk is limited to authorized users accessing only their own post metadata.
🎯 Exploit Status
Exploitation requires authenticated access (contributor or higher) and knowledge of the vulnerable shortcode usage.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Versions after 1.2
Vendor Advisory: https://plugins.trac.wordpress.org/changeset/3134344/custom-field-for-wp-job-manager/trunk/includes/CFWJM_Shortcode.php
Restart Required: No
Instructions:
1. Log into WordPress admin panel
2. Navigate to Plugins → Installed Plugins
3. Find 'Custom Field For WP Job Manager'
4. Click 'Update Now' if available
5. Alternatively, download latest version from WordPress plugin repository and replace files
🔧 Temporary Workarounds
Disable plugin
allTemporarily disable the vulnerable plugin until patched
wp plugin deactivate custom-field-for-wp-job-manager
Restrict user roles
allLimit contributor and author roles if not needed
🧯 If You Can't Patch
- Remove or restrict contributor-level user accounts
- Monitor for suspicious shortcode usage in post content
🔍 How to Verify
Check if Vulnerable:
Check plugin version in WordPress admin under Plugins → Installed Plugins. If version is 1.2 or lower, you are vulnerable.Check Version:
wp plugin get custom-field-for-wp-job-manager --field=versionVerify Fix Applied:
Verify plugin version is higher than 1.2. Check the CFWJM_Shortcode.php file for proper job_id validation.📡 Detection & Monitoring
Log Indicators:
- Unusual shortcode usage patterns
- Multiple metadata access attempts from single user
Network Indicators:
- HTTP requests with manipulated job_id parameters
SIEM Query:
source="wordpress" AND (uri="*cm_fieldshow*" OR post_content="*cm_fieldshow*")