Vulnerability-Lookup

CNVD-2025-17189

Vulnerability from cnvd - Published: 2025-07-30

Title

WordPress WP JobHunt plugin输入验证错误漏洞

Description

WordPress WP JobHunt plugin是WP Job Manager插件的配套主题，专为创建专业的招聘网站设计。 WordPress WP JobHunt plugin存在输入验证错误漏洞，该漏洞源于cs_remove_profile_callback函数缺少用户控制键验证，攻击者可利用该漏洞导致不安全的直接对象引用。

Severity

高

Formal description

目前厂商尚未发布升级程序修复该安全问题，详情见厂商官网： https://wordpress.org/

Reference

https://themeforest.net/item/jobcareer-job-board-responsive-wordpress-theme/14221636

Impacted products

Name
WordPress WP JobHunt plugin <=7.2

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2025-6585",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2025-6585"
    }
  },
  "description": "WordPress WP JobHunt plugin\u662fWP Job Manager\u63d2\u4ef6\u7684\u914d\u5957\u4e3b\u9898\uff0c\u4e13\u4e3a\u521b\u5efa\u4e13\u4e1a\u7684\u62db\u8058\u7f51\u7ad9\u8bbe\u8ba1\u3002\n\nWordPress WP JobHunt plugin\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8ecs_remove_profile_callback\u51fd\u6570\u7f3a\u5c11\u7528\u6237\u63a7\u5236\u952e\u9a8c\u8bc1\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u4e0d\u5b89\u5168\u7684\u76f4\u63a5\u5bf9\u8c61\u5f15\u7528\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5c1a\u672a\u53d1\u5e03\u5347\u7ea7\u7a0b\u5e8f\u4fee\u590d\u8be5\u5b89\u5168\u95ee\u9898\uff0c\u8be6\u60c5\u89c1\u5382\u5546\u5b98\u7f51\uff1a\r\nhttps://wordpress.org/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2025-17189",
  "openTime": "2025-07-30",
  "products": {
    "product": "WordPress WP JobHunt plugin \u003c=7.2"
  },
  "referenceLink": "https://themeforest.net/item/jobcareer-job-board-responsive-wordpress-theme/14221636",
  "serverity": "\u9ad8",
  "submitTime": "2025-07-25",
  "title": "WordPress WP JobHunt plugin\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e"
}

CVE-2025-6585 (GCVE-0-2025-6585)

Vulnerability from cvelistv5 – Published: 2025-07-22 04:25 – Updated: 2025-07-22 15:52

Title

WP JobHunt <= 7.2 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Account Deletion

Summary

The WP JobHunt plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 7.2 via the cs_remove_profile_callback() function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete accounts of other users including admins.

Severity ?

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

CWE

CWE-20 - Improper Input Validation

Assigner

Wordfence

References

URL

Tags

	https://www.wordfence.com/threat-intel/vulnerabil…
	https://themeforest.net/item/jobcareer-job-board-…

Impacted products

	Vendor	Product	Version
	n/a	WP JobHunt	Affected: * , ≤ 7.2 (semver)

Credits

meghnine islem

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-6585",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-22T15:49:01.523335Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-22T15:52:23.467Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "WP JobHunt",
          "vendor": "n/a",
          "versions": [
            {
              "lessThanOrEqual": "7.2",
              "status": "affected",
              "version": "*",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "meghnine islem"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The WP JobHunt plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 7.2 via the cs_remove_profile_callback() function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete accounts of other users including admins."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-22T04:25:08.363Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/afb3e0e0-68c7-43f6-981f-59c3f3507429?source=cve"
        },
        {
          "url": "https://themeforest.net/item/jobcareer-job-board-responsive-wordpress-theme/14221636"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-07-21T15:58:03.000+00:00",
          "value": "Disclosed"
        }
      ],
      "title": "WP JobHunt \u003c= 7.2 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Account Deletion"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2025-6585",
    "datePublished": "2025-07-22T04:25:08.363Z",
    "dateReserved": "2025-06-24T20:38:43.158Z",
    "dateUpdated": "2025-07-22T15:52:23.467Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2025-17189

CVE-2025-6585 (GCVE-0-2025-6585)

Tags

Sightings

Nomenclature