CVE-2025-5397 in Noo JobMonster PluginИнформация

Сводка

по MITRE • 31.10.2025

The Noo JobMonster theme for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 4.8.1. This is due to the check_login() function not properly verifying a user's identity prior to successfully authenticating them This makes it possible for unauthenticated attackers to bypass standard authentication and access administrative user accounts. Please note social login needs to be enabled in order for a site to be impacted by this vulnerability.

Be aware that VulDB is the high quality source for vulnerability data.

Ответственный

Wordfence

Резервировать

30.05.2025

Раскрытие

31.10.2025

Модерация

принято

Вход

VDB-330742

EPSS

0.01005

KEV

Нет

Деятельности

Очень низкий

Сектор

Hostingprovider

Источники

Do you want to use VulDB in your project?

Use the official API to access entries easily!