10 matches found
CVE-2025-1315
The InWave Jobs plugin for WordPress is vulnerable to privilege escalation via password reset in all versions up to, and including, 3.5.1. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to...
CVE-2025-39477
CVE-2025-39477 is a Missing Authorization vulnerability in InWave Jobs’ Sfwebservice. Public sources (NVD, Red Hat, CIRCL sighting, and CanSOC enrichment) describe an unauthenticated authorization misconfiguration that enables privileged actions on InWave Jobs, affecting versions up to 3.5.8. The...
CVE-2025-39477 WordPress InWave Jobs Plugin <= 3.5.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in Sfwebservice InWave Jobs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects InWave Jobs: from n/a through 3.5.8...
EUVD-2025-7388
Malicious code in bioql PyPI...
CVE-2025-1315
The InWave Jobs plugin for WordPress is vulnerable to privilege escalation via password reset in all versions up to, and including, 3.5.1. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to...
CVE-2025-1315
The InWave Jobs plugin for WordPress is vulnerable to privilege escalation via password reset in all versions up to, and including, 3.5.1. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to...
CVE-2025-1315 InWave Jobs <= 3.5.1 - Unauthenticated Privilege Escalation via Password Reset
The InWave Jobs plugin for WordPress is vulnerable to privilege escalation via password reset in all versions up to, and including, 3.5.1. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to...
CVE-2025-1315
CVE-2025-1315 : InWave Jobs plugin for WordPress (all versions up to 3.5.1) is vulnerable to unauthenticated privilege escalation via password reset. The root cause is improper validation of a user’s identity before updating passwords, allowing an attacker to change any user password (including a...
CVE-2025-1315 InWave Jobs <= 3.5.1 - Unauthenticated Privilege Escalation via Password Reset
The InWave Jobs plugin for WordPress is vulnerable to privilege escalation via password reset in all versions up to, and including, 3.5.1. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to...
VulnCheck KEV: CVE-2025-1315
The InWave Jobs plugin for WordPress is vulnerable to privilege escalation via password reset in all versions up to, and including, 3.5.1. This is due to the plugin not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers...