CVE-2019-9574

NONE EPSS 82.0%
Published Mar 5, 20197y ago · Modified Jun 17, 20262w ago
Find Similar
Published Mar 5, 2019 7y ago
Last Modified Jun 17, 2026 2w ago

Description

The WP Human Resource Management plugin before 2.2.6 for WordPress does not ensure that a leave modification occurs in the context of the Administrator or HR Manager role.

Threat Intelligence

EPSS Exploit Probability
82.0% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-862 Missing Authorization Authorization

Affected Products 1

VendorProductVersionRange
mishubdwp_human_resource_management* <2.2.6

References 3

  • openwall.com http://www.openwall.com/lists/oss-security/2019/03/17/1
    Mailing List
  • securityfocus.com http://www.securityfocus.com/bid/107464
    Third Party AdvisoryVDB Entry
  • wordpress.org https://wordpress.org/plugins/hrm/#developers
    ProductThird Party Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.