CVE-2024-12824 [CRITICAL] :

The Nokri – Job Board WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.6.2. This is due to the plugin not properly checking for an empty token value prior updating their details like password. This makes it possible for unauthenticated attackers to change arbitrary user's password, including administrators, and leverage that to gain access to their account.

IT Security Guru

news

IT Security Guru is the home of IT Security and Cybersecurity news in the UK, Europe and the World. Get the latest industry news and articles here.

Visit Website

Listed: Sun Nov 12 2023