CVE-2024-1813
📋 TL;DR
The Simple Job Board WordPress plugin is vulnerable to PHP object injection via deserialization of untrusted input, allowing unauthenticated attackers to inject malicious PHP objects. If a POP chain exists via another plugin or theme, attackers could delete files, steal data, or execute arbitrary code when viewing job applications. All WordPress sites using Simple Job Board version 2.11.0 or earlier are affected.
💻 Affected Systems
- Simple Job Board WordPress Plugin
📦 What is this software?
Simple Job Board by Presstigers
⚠️ Risk & Real-World Impact
Worst Case
Remote code execution leading to complete system compromise, data theft, and website defacement.
Likely Case
Arbitrary file deletion or sensitive data exposure if POP chains exist in common plugins/themes.
If Mitigated
Limited impact if no POP chains exist, but still represents a serious security flaw.
🎯 Exploit Status
Exploitation requires understanding of PHP object injection and available POP chains. CVSS 9.8 indicates critical severity.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 2.11.1
Vendor Advisory: https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3051715%40simple-job-board&old=3038476%40simple-job-board
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find Simple Job Board and click 'Update Now'.
4. Verify that the version shows 2.11.1 or higher.
🔧 Temporary Workarounds
Disable Simple Job Board Plugin
Temporarily disable the vulnerable plugin until patching is possible.
wp plugin deactivate simple-job-board
Web Application Firewall Rules
Block requests containing serialized PHP object patterns.
🧯 If You Can't Patch
- Disable the Simple Job Board plugin immediately.
- Implement strict WAF rules to block PHP serialization patterns in HTTP requests.
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel → Plugins → Simple Job Board → Version. If version is 2.11.0 or lower, you are vulnerable.
Check Version:
wp plugin get simple-job-board --field=version
Verify Fix Applied:
After updating, verify Simple Job Board version shows 2.11.1 or higher in WordPress plugins list.
📡 Detection & Monitoring
Log Indicators:
- Unusual POST requests to job application endpoints
- PHP deserialization errors in web server logs
- Unexpected file deletion or creation events
Network Indicators:
- HTTP requests containing serialized PHP object patterns (the object prefix O:<name length>:"<class name>":)
- Traffic spikes to /wp-content/plugins/simple-job-board/
SIEM Query:
source="web_logs" AND (uri_path="*simple-job-board*" AND (http_method="POST" AND content="*O:*"))
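Added example, not part of the advisory: the SIEM query above expressed as a small Python scanner over constructed request-log lines (the log layout, field names and sample payload are assumptions, not any server's default). It tightens the bare O: indicator to the full serialized-object prefix so it does not fire on ordinary text that happens to contain those two characters.

```python
import re
from dataclasses import dataclass

# Start of a serialized PHP object: O:<name length>:"<class name>":<field count>:{
# Requiring the length and class-name fields (rather than a bare "O:") avoids
# matching ordinary text such as "TODO:" or "INFO:".
PHP_OBJECT_RE = re.compile(r'O:\d+:"[A-Za-z_\\][\w\\]*":\d+:\{')

# Constructed log layout for this example (an assumption): method, path, status,
# then the URL-decoded request body after a tab. Plain access logs rarely record
# bodies; a WAF or application-level log is the realistic source.
LOG_LINE_RE = re.compile(r'^(?P<method>[A-Z]+) (?P<path>\S+) (?P<status>\d{3})\t(?P<body>.*)$')

@dataclass
class Hit:
    line_no: int
    path: str
    class_name: str

def scan_log(lines):
    """Return a Hit for each POST to a simple-job-board path whose body carries a serialized PHP object."""
    hits = []
    for n, line in enumerate(lines, 1):
        m = LOG_LINE_RE.match(line)
        if not m:
            continue  # line does not fit the constructed layout
        if m['method'] != 'POST' or 'simple-job-board' not in m['path']:
            continue  # the advisory's query scopes to POSTs on the plugin's paths
        obj = PHP_OBJECT_RE.search(m['body'])
        if obj:
            class_name = obj.group(0).split('"')[1]  # the quoted class name
            hits.append(Hit(n, m['path'], class_name))
    return hits

# Constructed sample lines: a benign application, one carrying a serialized object
# in a form field, the same payload on an unrelated path (out of scope), and a GET.
SAMPLE_LOG = [
    'POST /wp-content/plugins/simple-job-board/apply 200\tapplicant_name=Jane+Doe&email=jane%40example.com',
    'POST /wp-content/plugins/simple-job-board/apply 200\tapplicant_name=O:17:"Some_Plugin_Class":1:{s:4:"path";s:9:"/tmp/demo";}',
    'POST /wp-login.php 302\tlog=admin&pwd=O:8:"stdClass":0:{}',
    'GET /wp-content/plugins/simple-job-board/assets/app.js 200\t',
]

if __name__ == '__main__':
    for hit in scan_log(SAMPLE_LOG):
        print(f'line {hit.line_no}: serialized object of class {hit.class_name} posted to {hit.path}')
```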
🔗 References
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3051715%40simple-job-board&old=3038476%40simple-job-board&sfp_email=&sfph_mail=
- https://www.wordfence.com/threat-intel/vulnerabilities/id/89584034-4a93-42a6-8fef-55dc3895c45c?source=cve