{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-28T20:02:12.725","vulnerabilities":[{"cve":{"id":"CVE-2024-11715","sourceIdentifier":"security@wordfence.com","published":"2024-12-14T07:15:06.880","lastModified":"2026-06-17T06:58:18.297","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the assignUserRole() function in all versions up to, and including, 2.2.2. This makes it possible for unauthenticated attackers to elevate their privileges to that of an employer."},{"lang":"es","value":"El complemento WP Job Portal – A Complete Recruitment System para Company y Job Board website para WordPress es vulnerable al acceso no autorizado debido a una verificación de capacidad faltante en la función assignmentUserRole() en todas las versiones hasta la 2.2.2 incluida. Esto permite que atacantes no autenticados eleven sus privilegios a los de un empleador."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"wpjobportal","product":"WP Job Portal – AI-Powered Recruitment System for Company or Job Board website","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"2.2.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-12-16T16:49:59.834101Z","id":"CVE-2024-11715","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wpjobportal:wp_job_portal:*:*:*:*:*:wordpress:*:*","versionEndExcluding":"2.2.3","matchCriteriaId":"990D05B3-6114-4654-9399-4A620CAED94A"}]}]}],"references":[{"url":"https://gist.github.com/tvnnn/9b706643c5f88989c98815be8b101e11","source":"security@wordfence.com","tags":["Product"]},{"url":"https://plugins.trac.wordpress.org/changeset/3202327/wp-job-portal/tags/2.2.3/modules/user/controller.php?old=3187129&old_path=wp-job-portal%2Ftags%2F2.2.2%2Fmodules%2Fuser%2Fcontroller.php","source":"security@wordfence.com","tags":["Patch"]},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4107199d-e3c7-4379-b39d-1868de7d777b?source=cve","source":"security@wordfence.com","tags":["Third Party Advisory"]}]}}]}