The Jobs for WordPress plugin before 2.7.4 does not sanitise and escape some parameters, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks
Vendor | Product | Version | CPE |
---|---|---|---|
blueglass | jobs_for_wordpress | * | cpe:2.3:a:blueglass:jobs_for_wordpress:*:*:*:*:*:*:*:* |