Vulnerabilities > WP Jobhunt Project

DATE	CVE	VULNERABILITY TITLE	RISK
2019-03-21	CVE-2018-19488	Weak Password Recovery Mechanism for Forgotten Password vulnerability in Wp-Jobhunt Project Wp-Jobhunt The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the cs_reset_pass() function through the admin-ajax.php file, which allows remote unauthenticated attackers to reset the password of a user's account. network low complexity wp-jobhunt-project CWE-640 critical	9.8
2019-03-21	CVE-2018-19487	Information Exposure vulnerability in Wp-Jobhunt Project Wp-Jobhunt The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the cs_employer_ajax_profile() function through the admin-ajax.php file, which allows remote unauthenticated attackers to enumerate information about users. network low complexity wp-jobhunt-project CWE-200	7.5

Vulnerabilities > WP Jobhunt Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"WP Jobhunt Project"}]}