Ameeba Blog Logo
Ameeba Chat App store presentation
Download Ameeba Chat Today
Ameeba Blog Search

CVE-2025-6585: WP JobHunt Plugin for WordPress Vulnerable to Insecure Direct Object Reference

Ameeba’s Mission: Safeguarding privacy by securing data and communication with our patented anonymization technology.

Overview

The WP JobHunt plugin for WordPress, a popular application used by millions for job board functionality, is currently facing a significant cybersecurity threat. The plugin has been identified with a vulnerability that allows users with minimal privileges to delete the accounts of other users, potentially leading to major data loss or even a system compromise. This vulnerability, identified as CVE-2025-6585, affects all versions up to and including 7.2 of the WP JobHunt plugin. Given the widespread use of WordPress and this plugin, this vulnerability poses a serious risk to website owners, businesses, and users alike.

Vulnerability Summary

CVE ID: CVE-2025-6585
Severity: High (8.1 CVSS Score)
Attack Vector: Network
Privileges Required: Low (Subscriber-level access)
User Interaction: Required
Impact: Potential system compromise or data leakage

Affected Products

Ameeba Chat Icon Escape the Surveillance Era

Most apps won’t tell you the truth.
They’re part of the problem.

Phone numbers. Emails. Profiles. Logs.
It’s all fuel for surveillance.

Ameeba Chat gives you a way out.

  • • No phone number
  • • No email
  • • No personal info
  • • Anonymous aliases
  • • End-to-end encrypted

Chat without a trace.

Product | Affected Versions

WP JobHunt Plugin for WordPress | Up to and including 7.2

How the Exploit Works

The exploit takes advantage of a flaw in the `cs_remove_profile_callback()` function of the WP JobHunt plugin. Specifically, the function fails to validate a user-controlled key properly. This oversight enables an authenticated attacker, even with just Subscriber-level access, to delete accounts of other users, including admins. The attacker could potentially craft a malicious payload, send it to the vulnerable server, and delete other users’ accounts, thereby gaining unauthorized access or causing significant disruption.

Conceptual Example Code

The following pseudocode illustrates what an exploit might look like:

POST /wp-jobhunt/delete-profile HTTP/1.1
Host: target.example.com
Content-Type: application/json
{
"user_id": "[Target User ID]",
"action": "delete"
}

In this example, the attacker sends a POST request to the vulnerable endpoint with a JSON payload containing the user_id of the targeted account and an action set to “delete”. Since the `cs_remove_profile_callback()` function does not properly validate the user_id, the server processes the request, leading to the deletion of the targeted account.

Recommendations for Mitigation

The vendor has released a patch to fix this vulnerability, and it is highly recommended to apply this patch immediately. If this is not possible, a temporary mitigation can be implemented by using a Web Application Firewall (WAF) or Intrusion Detection System (IDS). These can help block or alert on suspicious activities to reduce the risk of exploitation. Additionally, regular audits of user activity and strong password policies can help prevent unauthorized access.

Talk freely. Stay anonymous with Ameeba Chat.

Disclaimer:

The information and code presented in this article are provided for educational and defensive cybersecurity purposes only. Any conceptual or pseudocode examples are simplified representations intended to raise awareness and promote secure development and system configuration practices.

Do not use this information to attempt unauthorized access or exploit vulnerabilities on systems that you do not own or have explicit permission to test.

Ameeba and its authors do not endorse or condone malicious behavior and are not responsible for misuse of the content. Always follow ethical hacking guidelines, responsible disclosure practices, and local laws.

More posts

Ameeba Chat