Published: 2017/06/15  Last Updated: 2017/06/15

JVN#56787058
WordPress plugin "WP Job Manager" fails to restrict access permissions

Overview

The WordPress plugin "WP Job Manager" fails to restrict access permissions.

Products Affected

  • WP Job Manager prior to version 1.26.2

Description

The WordPress plugin "WP Job Manager" provided by Automattic Inc. fails to restrict access permissions.

Impact

A remote unauthenticated attacker may upload an image file to the server.

Solution

Update the plugin
Update the plugin according to the information provided by the developer.
According to the developer, the update blocks file uploads by unauthenticated users.
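The flaw class behind this advisory is an Ajax upload handler that a WordPress plugin exposes to visitors who are not logged in, and the fix is to require an authenticated, authorized caller before any file is written. The following is an added illustration of that pattern, not WP Job Manager's own code: the hook names, callback names and nonce action are hypothetical, and only the WordPress core APIs (add_action, wp_ajax_* hooks, check_ajax_referer, current_user_can, wp_handle_upload, wp_send_json_*) are real. The first handler shows the weak registration, the second a hardened one.

```php
<?php
// Added example (not WP Job Manager code). Illustrates an unauthenticated
// Ajax file upload in a WordPress plugin and a hardened replacement.
// Hook/callback names below are hypothetical.

// --- Vulnerable pattern -----------------------------------------------------
// Registering the callback under wp_ajax_nopriv_* makes it reachable by anyone
// who can POST to /wp-admin/admin-ajax.php?action=example_upload_file,
// logged in or not.
add_action( 'wp_ajax_example_upload_file',        'example_upload_file_vulnerable' );
add_action( 'wp_ajax_nopriv_example_upload_file', 'example_upload_file_vulnerable' );

function example_upload_file_vulnerable() {
    // No login, nonce or capability check: every visitor may place a file
    // under wp-content/uploads.
    if ( empty( $_FILES['file'] ) ) {
        wp_send_json_error( 'no file' );
    }
    require_once ABSPATH . 'wp-admin/includes/file.php';
    $result = wp_handle_upload( $_FILES['file'], array( 'test_form' => false ) );
    wp_send_json( $result );
}

// --- Hardened pattern -------------------------------------------------------
// Registered for authenticated users only; the wp_ajax_nopriv_* hook is
// deliberately absent.
add_action( 'wp_ajax_example_upload_file_safe', 'example_upload_file_safe' );

function example_upload_file_safe() {
    // 1. Authentication: reject anonymous callers explicitly as well, so the
    //    handler stays safe even if a nopriv hook is added later by mistake.
    if ( ! is_user_logged_in() ) {
        wp_send_json_error( 'login required', 401 );
    }

    // 2. CSRF protection: the request must carry a nonce for this action,
    //    sent in the 'security' field. check_ajax_referer() dies on failure.
    check_ajax_referer( 'example_upload_file_safe', 'security' );

    // 3. Authorization: being logged in is not enough; require a capability.
    if ( ! current_user_can( 'upload_files' ) ) {
        wp_send_json_error( 'insufficient privileges', 403 );
    }

    if ( empty( $_FILES['file'] ) ) {
        wp_send_json_error( 'no file', 400 );
    }

    // 4. Restrict accepted types server-side. wp_handle_upload() validates
    //    the file against this mime map (including a content check for
    //    images), not just the client-supplied extension.
    $allowed = array(
        'jpg|jpeg' => 'image/jpeg',
        'png'      => 'image/png',
        'gif'      => 'image/gif',
    );

    require_once ABSPATH . 'wp-admin/includes/file.php';
    $result = wp_handle_upload(
        $_FILES['file'],
        array( 'test_form' => false, 'mimes' => $allowed )
    );

    if ( isset( $result['error'] ) ) {
        wp_send_json_error( $result['error'], 400 );
    }
    wp_send_json_success( array( 'url' => $result['url'] ) );
}
```

When reviewing a plugin for this class of issue, grep for every wp_ajax_nopriv_ registration and confirm that the callback either needs no privilege by design or re-checks authentication itself; an upload, delete or settings-write callback reachable through a nopriv hook is the condition this advisory describes.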

Vendor Status

References

JPCERT/CC Addendum

As of June 15th 2017, JPCERT/CC has received several incident reports of website defacements exploiting this issue.

Vulnerability Analysis by JPCERT/CC

CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Base Score: 5.3
  Attack Vector (AV): Network (N)
  Attack Complexity (AC): Low (L)
  Privileges Required (PR): None (N)
  User Interaction (UI): None (N)
  Scope (S): Unchanged (U)
  Confidentiality Impact (C): None (N)
  Integrity Impact (I): Low (L)
  Availability Impact (A): None (N)
CVSS v2 AV:N/AC:L/Au:N/C:N/I:P/A:N
Base Score: 5.0
  Access Vector (AV): Network (N)
  Access Complexity (AC): Low (L)
  Authentication (Au): None (N)
  Confidentiality Impact (C): None (N)
  Integrity Impact (I): Partial (P)
  Availability Impact (A): None (N)

Credit

Katsunori Kumagai of Kumasan, LLC. reported this issue to IPA under the Information Security Early Warning Partnership.

Other Information

JVN iPedia JVNDB-2017-000139