CVE-2024-12213

CRITICAL 9.8

WP Job Board Pro < 1.2.85 - Unauthenticated Privilege Escalation via process_register

CVSS Score

9.8

EPSS Score

0.0%

EPSS Percentile

0th

The WP Job Board Pro plugin for WordPress is vulnerable to privilege escalation in all versions up to 2.3.16. This is due to the plugin allowing a user to supply the 'role' field when registering. This makes it possible for unauthenticated attackers to register as an administrator on vulnerable sites. Please note that this may have been patched sooner, however, the oldest available version for us to confirm this is patched in was 1.2.85.

CWE	CWE-266
Vendor	http://apusthemes.com/
Product	wp job board pro
Published	Feb 12, 2025
Last Updated	Apr 8, 2026

Stay Ahead of the Next One

Get instant alerts for http://apusthemes.com/ wp job board pro

Be the first to know when new critical vulnerabilities affecting http://apusthemes.com/ wp job board pro are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

http://apusthemes.com/ / WP Job Board Pro

0 < 1.2.85

References

NVD ↗ CVE.org ↗ EPSS Data ↗

wordfence.com: https://www.wordfence.com/threat-intel/vulnerabilities/id/7cdfce88-b6c2-4820-9d6f-446f61b9b596?source=cve themeforest.net: https://themeforest.net/item/superio-job-board-wordpress-theme/32180231

Credits

Friderika Baranyai