CVE-2024-13771 [CRITICAL] :

The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.1.4. This is due to a lack of user validation before changing a password. This makes it possible for unauthenticated attackers to change the password of arbitrary users, including administrators, if the attacker knows the username of the victim.

InfoSec Write-ups

blog
tutorial
writeup
bugbounty

Awesome write-ups from the world’s best hackers intopics ranging from bug bounties, CTFs, Hack the box walkthroughs, hardware challenges, and real-life encounters.

Visit Website