PT-2025-11253 · WordPress · Jobcareer

Lucio Sá · Published 2025-03-14 · Updated 2025-03-27 · CVE-2024-12810

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

JobCareer | Job Board Responsive WordPress Theme versions up to, and including, 7.1

Description

The JobCareer | Job Board Responsive WordPress Theme for WordPress is vulnerable to unauthorized access, modification, and loss of data due to missing capability checks on multiple functions. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files, generate backups, restore backups, update theme options, and reset theme options to default settings.

Recommendations

For versions up to, and including, 7.1, update to a newer version to prevent potential cyber threats. As a temporary workaround, consider restricting access to sensitive theme options and functions to minimize the risk of exploitation. Avoid using the theme's backup and restore functionality until the issue is resolved. Restrict access to the theme's file management features to prevent arbitrary file deletion.

Fix

RCE

Missing Authorization

Weakness Enumeration

Related Identifiers

CVE-2024-12810

Affected Products

Jobcareer