What is CVE-2023-4490?

CVE-2023-4490 is a vulnerability in Wp Job Portal, classified under CWE-89 SQL INJECTION. Published 2023-09-25.

Is CVE-2023-4490 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Wp Job Portal

CVE-2023-4490

The WP Job Portal WordPress plugin before 2.0.6 does not sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users

EPSS: 0.520 (98.0th percentile) — read the EPSS interpretation.

Affected products

Unknown Wp Job Portal — versions 0

Public proof-of-concept exploits

20142995/nuclei-templates
ARPSyndicate/cve-scores

References

wpscan.com/vulnerability/986024f0-3c8d-44d8-a9c9-1dd284d7db0d (exploit, vdb-entry, technical-description)

Frequently asked questions

What is CVE-2023-4490?: CVE-2023-4490 is a vulnerability in Wp Job Portal, classified under CWE-89 SQL INJECTION. Published 2023-09-25.
Is CVE-2023-4490 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.