{"id":71365,"date":"2025-10-10T15:45:37","date_gmt":"2025-10-10T12:15:37","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-7374-wp-jobhunt\/"},"modified":"2025-10-10T15:45:37","modified_gmt":"2025-10-10T12:15:37","slug":"cve-2025-7374-wp-jobhunt","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-7374-wp-jobhunt\/","title":{"rendered":"CVE-2025-7374 &#8211; WP JobHunt"},"content":{"rendered":"<p>CVE ID : CVE-2025-7374<\/p>\n<p>Published :  Oct. 10, 2025, 12:15 p.m. | 22\u00a0minutes ago<\/p>\n<p>Description : The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to authorization bypass in all versions up to, and including, 7.6. This is due to insufficient login restrictions on inactive and pending accounts. This makes it possible for authenticated attackers, with Candidate- and Employer-level access and above, to log in to the site even if their account is inactive or pending.<\/p>\n<p>Severity: 5.4 | MEDIUM<\/p>\n<p>Visit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-7374 Published : Oct. 10, 2025, 12:15 p.m. | 22\u00a0minutes ago Description : The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to authorization bypass in all versions up to, and including, 7.6. This is due to insufficient login restrictions on inactive and pending accounts. This makes it &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-71365","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/71365","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=71365"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/71365\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=71365"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=71365"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=71365"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}