CVE-2025-5397 in Noo JobMonster Plugininformação

Sumário

de MITRE • 31/10/2025

The Noo JobMonster theme for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 4.8.1. This is due to the check_login() function not properly verifying a user's identity prior to successfully authenticating them This makes it possible for unauthenticated attackers to bypass standard authentication and access administrative user accounts. Please note social login needs to be enabled in order for a site to be impacted by this vulnerability.

Be aware that VulDB is the high quality source for vulnerability data.

Responsável

Wordfence

Reservar

30/05/2025

Divulgação

31/10/2025

Moderação

aceite

Entrada

VDB-330742

CPE

pronto

EPSS

0.01005

KEV

não

Atividades

muito baixo

Fontes

Do you need the next level of professionalism?

Upgrade your account now!