{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-7733", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-07-17T01:29:25.806Z", "datePublished": "2025-12-20T13:47:42.695Z", "dateUpdated": "2026-04-08T16:48:27.090Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:48:27.090Z"}, "affected": [{"vendor": "n/a", "product": "WP JobHunt", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "7.7", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 7.7 via the 'cs_update_application_status_callback' due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Candidate-level access and above, to send a site-generated email with injected HTML to any user."}], "title": "WP JobHunt <= 7.7 - Authenticated (Candidate+) Insecure Direct Object Reference", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/409bcd8c-6cd3-4022-a67f-57e901c83d66?source=cve"}, {"url": "https://themeforest.net/item/jobcareer-job-board-responsive-wordpress-theme/14221636"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-639 Authorization Bypass Through User-Controlled Key", "cweId": "CWE-639", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "meghnine islem"}], "timeline": [{"time": "2025-12-20T01:29:38.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-12-22T16:00:56.602388Z", "id": "CVE-2025-7733", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-22T16:01:10.397Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-7733", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-12-22T16:00:56.602388Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-22T16:01:01.987Z"}}], "cna": {"title": "WP JobHunt <= 7.7 - Authenticated (Candidate+) Insecure Direct Object Reference", "credits": [{"lang": "en", "type": "finder", "value": "meghnine islem"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}}], "affected": [{"vendor": "n/a", "product": "WP JobHunt", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "7.7"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-12-20T01:29:38.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/409bcd8c-6cd3-4022-a67f-57e901c83d66?source=cve"}, {"url": "https://themeforest.net/item/jobcareer-job-board-responsive-wordpress-theme/14221636"}], "descriptions": [{"lang": "en", "value": "The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 7.7 via the 'cs_update_application_status_callback' due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Candidate-level access and above, to send a site-generated email with injected HTML to any user."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-639", "description": "CWE-639 Authorization Bypass Through User-Controlled Key"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:48:27.090Z"}}}, "cveMetadata": {"cveId": "CVE-2025-7733", "state": "PUBLISHED", "dateUpdated": "2026-04-08T16:48:27.090Z", "dateReserved": "2025-07-17T01:29:25.806Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-12-20T13:47:42.695Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 7.7 via the 'cs_update_application_status_callback' due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Candidate-level access and above, to send a site-generated email with injected HTML to any user."}], "id": "CVE-2025-7733", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-12-20T14:16:03.530", "references": [{"source": "security@wordfence.com", "url": "https://themeforest.net/item/jobcareer-job-board-responsive-wordpress-theme/14221636"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/409bcd8c-6cd3-4022-a67f-57e901c83d66?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-639"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-21T00:39:58.516901+00:00", "value": {"mitigation_remediation": ["Upgrade WP JobHunt to version 7.8 or newer.", "Revoke or restrict Candidate\u2011level users from performing status updates via the plugin\u2019s callback, for example by altering role capabilities or disabling the feature.", "Apply server\u2011side validation or WAF rules that enforce that only authorized users can invoke the email\u2011generation endpoint."], "summary": {"action": "Update Plugin", "impact": "Arbitrary site\u2011generated email with injected HTML to any user"}, "threat_synthesis": {"affected_systems": "Any WordPress site running WP JobHunt version 7.7 or earlier, including installations that use the JobCareer theme, is affected. The vulnerability exists in the plugin itself and does not depend on other components beyond the WordPress environment.", "description_and_impact": "The WP JobHunt plugin contains a missing validation on a user\u2011controlled key in the \"cs_update_application_status_callback\" routine, creating an insecure direct object reference. Authenticated users with Candidate level or higher privileges can exploit this flaw to send a site\u2011generated email that includes injected HTML to any other user. This could enable phishing, lure users into executing malicious scripts, or create spoofed communications that appear legitimate to recipients.", "risk_and_exploitability": "The CVSS score of 4.3 indicates moderate impact, and an EPSS score of less than 1 \u2013 the exploitation probability is minimal. The vulnerability is not listed in the CISA KEV catalog. Based on the description, the likely attack vector is an authenticated request to the plugin\u2019s AJAX callback, requiring the attacker to be logged in with Candidate or higher privileges. The lack of observable widespread exploitation or wealth of public exploits further limits the risk to most environments, but any site receiving uncontrolled emails should consider remediation promptly."}}}}, "created": "2025-12-21T21:12:24.540848+00:00", "updated": "2026-04-21T00:45:23.094940+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress", "wp-jobhunt_project", "wp-jobhunt_project$PRODUCT$wp-jobhunt"]}