Show filters
41 Total Results
Displaying 1-10 of 41
Sort by:
Attacker Value
Unknown

CVE-2025-22679

Disclosure Date: February 03, 2025 (last updated February 04, 2025)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Job Board Manager allows Reflected XSS. This issue affects Job Board Manager: from n/a through 2.1.60.
0
0
Attacker Value
Unknown

CVE-2025-24622

Disclosure Date: January 24, 2025 (last updated January 25, 2025)
Cross-Site Request Forgery (CSRF) vulnerability in PickPlugins Job Board Manager allows Cross Site Request Forgery. This issue affects Job Board Manager: from n/a through 2.1.59.
0
0
Attacker Value
Unknown

CVE-2025-22294

Disclosure Date: January 07, 2025 (last updated January 08, 2025)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gravity Master Custom Field For WP Job Manager allows Reflected XSS.This issue affects Custom Field For WP Job Manager: from n/a through 1.3.
0
0
Attacker Value
Unknown

CVE-2024-37241

Disclosure Date: January 02, 2025 (last updated January 03, 2025)
Cross-Site Request Forgery (CSRF) vulnerability in Automattic WP Job Manager - Resume Manager allows Cross Site Request Forgery.This issue affects WP Job Manager - Resume Manager: from n/a through 2.1.0.
0
0
Attacker Value
Unknown

CVE-2024-55993

Disclosure Date: December 16, 2024 (last updated December 18, 2024)
Missing Authorization vulnerability in PickPlugins Job Board Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Job Board Manager: from n/a through 2.1.60.
0
0
Attacker Value
Unknown

CVE-2023-28689

Disclosure Date: December 09, 2024 (last updated December 21, 2024)
Missing Authorization vulnerability in JoomSky JS Job Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Job Manager: from n/a through 2.0.0.
0
0
Attacker Value
Unknown

CVE-2023-6978

Disclosure Date: December 04, 2024 (last updated December 21, 2024)
The WP Job Manager – Company Profiles plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'company' parameter in all versions up to, and including, 1.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2024-51602

Disclosure Date: November 09, 2024 (last updated November 09, 2024)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Oleksandr Ustymenko Simple Job Manager allows SQL Injection.This issue affects Simple Job Manager: from n/a through 1.1.
0
0
Attacker Value
Unknown

CVE-2024-37443

Disclosure Date: November 01, 2024 (last updated November 02, 2024)
Missing Authorization vulnerability in Automattic WP Job Manager - Resume Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Manager - Resume Manager: from n/a through 2.1.0.
0
0
Attacker Value
Unknown

CVE-2024-9206

Disclosure Date: October 18, 2024 (last updated October 23, 2024)
The MAS Companies For WP Job Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.0.13. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
View More Topics  Next >