Tag: password-reset

  • CVE-2025-1315: Critical Privilege Escalation via Password Reset in InWave Jobs WordPress Plugin

    Overview

    CVE-2025-1315 is a critical vulnerability in the InWave Jobs plugin for WordPress, affecting all versions up to and including 3.5.1. This flaw allows unauthenticated attackers to reset the password of any user, including administrators, leading to full compromise of affected WordPress sites.

    Technical Details

    The vulnerability arises from the plugin’s failure to properly validate the identity of the user initiating a password reset. As a result, an attacker can craft a request that changes the password of any account without authentication. This type of flaw is categorized under CWE-288: Authentication Bypass Using an Alternate Path or Channel.

    Once the password of a privileged user, such as an administrator, is changed, the attacker gains full access to the backend, allowing them to:

    • Modify or delete content
    • Install malicious plugins or themes
    • Exfiltrate sensitive data
    • Compromise other user accounts

    CVSS Score

    This vulnerability has been assigned a CVSS v3.1 score of 9.8 (Critical):

    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
    • Impact: High for Confidentiality, Integrity, and Availability

    Impacted Versions

    All versions of the InWave Jobs plugin up to and including 3.5.1 are affected. This includes installations integrated with themes like InJob.

    Mitigation

    • Immediately update to a patched version if available.
    • Disable the plugin temporarily if an update is not available.
    • Review your site’s user accounts for unauthorized changes or suspicious activity.
    • Reset administrator passwords after patching to ensure security.

    Conclusion

    This vulnerability emphasizes the importance of strict identity validation for all user-sensitive actions, especially password resets. A missing check in such a critical function can open the door to full system compromise. Site administrators using InWave Jobs should patch immediately and audit their sites for signs of intrusion.
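
    The kind of check the conclusion refers to, as an added example: this is not InWave Jobs code (the page does not show the plugin's source) but a generic WordPress reset handler built on core functions. The action name `example_reset_password` and the POST field names are assumptions made for illustration.

    ```php
    <?php
    // Added illustration: hypothetical handler, not taken from the InWave Jobs plugin.
    // 'example_reset_password' and the POST field names are assumed for this example.

    // Reset endpoints are necessarily reachable without a session (nopriv),
    // so the request itself must prove who is asking.
    add_action( 'wp_ajax_nopriv_example_reset_password', 'example_handle_password_reset' );

    function example_handle_password_reset() {
        if ( 'POST' !== ( $_SERVER['REQUEST_METHOD'] ?? '' ) ) {
            wp_send_json_error( array( 'message' => 'Invalid request.' ), 405 );
        }

        $login    = isset( $_POST['login'] ) ? sanitize_user( wp_unslash( $_POST['login'] ) ) : '';
        $key      = isset( $_POST['key'] ) ? sanitize_text_field( wp_unslash( $_POST['key'] ) ) : '';
        $new_pass = isset( $_POST['new_password'] ) ? (string) wp_unslash( $_POST['new_password'] ) : '';

        // Same generic error for every failure, so the response does not
        // reveal whether the login exists or the key was merely wrong.
        $generic = array( 'message' => 'Invalid or expired reset link.' );

        if ( '' === $login || '' === $key || '' === $new_pass ) {
            wp_send_json_error( $generic, 400 );
        }

        // The identity check: the key must match the hashed, time-limited key
        // WordPress stored for this login when the reset e-mail was issued.
        // Returns WP_User on success, WP_Error otherwise.
        $user = check_password_reset_key( $key, $login );
        if ( is_wp_error( $user ) ) {
            wp_send_json_error( $generic, 400 );
        }

        // The account to change comes from the verified key, never from a
        // user ID or e-mail supplied in the request. reset_password() sets the
        // password, which also clears the stored key, making it single-use.
        reset_password( $user, $new_pass );

        wp_send_json_success( array( 'message' => 'Password updated.' ) );
    }
    ```

    The property to look for when reviewing any reset handler is that the target account is derived only from a verified secret delivered out of band; a handler that takes the account identifier straight from request parameters has no such binding.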

    Credit for discovery goes to Tonn. For more information, visit the Wordfence advisory.