CVE-2024-11283
📋 TL;DR
The WP JobHunt plugin for WordPress has an authentication bypass vulnerability that allows unauthenticated attackers to access arbitrary candidate accounts. This affects all WordPress sites using WP JobHunt plugin versions up to 7.1. Attackers can impersonate legitimate users without credentials.
💻 Affected Systems
- WP JobHunt WordPress Plugin
📦 What is this software?
Jobcareer by Chimpgroup
⚠️ Risk & Real-World Impact
Worst Case
Attackers gain full control over candidate accounts, potentially accessing sensitive personal information, modifying resumes, applying for jobs as legitimate users, and escalating privileges within the WordPress environment.
Likely Case
Attackers access candidate accounts to steal personal information, modify application data, or use legitimate accounts for spam/malicious activities.
If Mitigated
With proper access controls and monitoring, impact is limited to unauthorized access to candidate profiles without system compromise.
🎯 Exploit Status
Exploitation requires understanding of WordPress AJAX endpoints but no authentication is needed.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Version 7.2 or later
Vendor Advisory: https://themeforest.net/item/jobcareer-job-board-responsive-wordpress-theme/14221636
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find the WP JobHunt plugin.
4. Click 'Update Now' if an update is available.
5. If no update is available, download the latest version from the theme vendor.
6. Deactivate and delete the old version.
7. Upload and activate the new version.
🔧 Temporary Workarounds
Disable WP JobHunt Plugin
WordPress: Temporarily disable the vulnerable plugin until patched
wp plugin deactivate wp-jobhunt
Restrict AJAX Access
All: Add firewall rules to restrict access to wp-admin/admin-ajax.php for unauthenticated users
🧯 If You Can't Patch
- Disable the WP JobHunt plugin completely
- Implement web application firewall rules to block exploitation attempts
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel → Plugins → Installed Plugins for WP JobHunt version
Check Version:
wp plugin get wp-jobhunt --field=version
Verify Fix Applied:
Verify WP JobHunt plugin version is 7.2 or higher in WordPress admin
📡 Detection & Monitoring
Log Indicators:
- Unusual authentication attempts via wp-admin/admin-ajax.php
- Multiple failed login attempts followed by successful authentication from the same IP
- User account access from unexpected IP addresses
Network Indicators:
- POST requests to /wp-admin/admin-ajax.php with action=google_api_login_callback from unauthenticated sources
- Unusual traffic patterns to candidate profile pages
SIEM Query:
source="wordpress.logs" AND (uri_path="/wp-admin/admin-ajax.php" AND action="google_api_login_callback")