WordPress easy.jobs plugin < 2.4.7 - Subscriber+ Arbitrary Settings Update vulnerability

Subscriber+ Arbitrary Settings Update vulnerability discovered by Krzysztof Zając CERT PL in WordPress Plugin EasyJobs versions 2.4.7...

EUVD-2024-40646

Malicious code in bioql PyPI...

CVE-2024-43997

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in easy.Jobs EasyJobs allows Reflected XSS.This issue affects EasyJobs: from n/a through 2.4.14...

CVE-2024-43997

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in easy.Jobs EasyJobs allows Reflected XSS.This issue affects EasyJobs: from n/a through 2.4.14...

CVE-2024-43997

CVE-2024-43997: WordPress plugin easy.jobs (EasyJobs)

CVE-2024-43997 WordPress easy.jobs- Best Recruitment Plugin for Job Board Listing, Manager, Career Page for Elementor & Gutenberg plugin <= 2.4.14 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in easy.Jobs EasyJobs allows Reflected XSS.This issue affects EasyJobs: from n/a through 2.4.14...

PT-2024-30862 · Easyjobs · Easyjobs

Name of the Vulnerable Software and Affected Versions: EasyJobs versions prior to 2.4.14 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Reflected XSS. Recommendations: For versions prior to...

WordPress plugin EasyJobs 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress easy.jobs- Best Recruitment Plugin for Job Board Listing, Manager, Career Page for Elementor & Gutenberg plugin <= 2.4.14 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Muhammad Daffa Patchstack Alliance in WordPress Plugin EasyJobs versions = 2.4.14...

WordPress EasyJobs Plugin <= 2.4.14 is vulnerable to Cross Site Request Forgery (CSRF)

Software EasyJobs Type Plugin Vulnerable versions = 2.4.14 Fixed in 2.4.15 OWASP Top 10 A3: Injection Classification Cross Site Request Forgery CSRF CVE CVE-2024-43997 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 56a38105092f Credits Muhammad Daffa Required...

PT-2024-15107 · WordPress · Easyjobs

Name of the Vulnerable Software and Affected Versions: easy.jobs- Best Recruitment Plugin for Job Board Listing, Manager, Career Page for Elementor & Gutenberg WordPress plugin versions prior to 2.4.7 Description: The issue arises from the plugin not properly securing some of its AJAX actions,...

EasyJobs < 1.4.8 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape the job-id parameter before outputting it back in a page, leading to a Reflected Cross-Site Scripting https://example.com/wp-content/plugins/easyjobs/admin/partials/easyjobs-candidates-display.php?job-id=%22%3E%3Cimg/src/onerror=alert/XSS/%3E...

EasyJobs < 1.4.8 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape the job-id parameter before outputting it back in a page, leading to a Reflected Cross-Site Scripting PoC https://example.com/wp-content/plugins/easyjobs/admin/partials/easyjobs-candidates-display.php?job-id=%22%3E%3Cimg/src/onerror=alert/XSS/%3E...

WordPress EasyJobs plugin <= 1.4.7 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Jan w Oleju in WordPress EasyJobs plugin versions = 1.4.7. Solution Update the WordPress EasyJobs plugin to the latest available version at least 1.4.8...