CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

RedhatCVE•added 2026/01/25 9:17 a.m.•12 views

CVE-2025-12836

The VK Google Job Posting Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Job Description field in versions up to, and including, 1.2.23 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for authenticat...

6.4CVSS6.1AI score0.00012EPSS

Exploits0References1

ATTACKERKB•added 2026/01/24 7:26 a.m.•4 views

CVE-2025-12836

The VK Google Job Posting Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Job Description field in versions up to, and including, 1.2.20 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for authenticat...

6.4CVSS6AI score0.00012EPSS

Exploits0References4

Vulnrichment•added 2026/01/24 7:26 a.m.•5 views

CVE-2025-12836 VK Google Job Posting Manager <= 1.2.23 - Authenticated (Author+) Stored Cross-Site Scripting via Job Description Field

6.4CVSS6AI score0.00012EPSS

Exploits0References4

Cvelist•added 2026/01/24 7:26 a.m.•32 views

CVE-2025-12836 VK Google Job Posting Manager <= 1.2.23 - Authenticated (Author+) Stored Cross-Site Scripting via Job Description Field

6.4CVSS0.00012EPSS

Exploits0References4

CVE•added 2026/01/24 7:26 a.m.•20 views

CVE-2025-12836

CVE-2025-12836 — VK Google Job Posting Manager (WordPress) is a stored cross-site scripting vulnerability in the VK Google Job Posting Manager plugin for WordPress. The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the Job Description field, ...

6.4CVSS6.1AI score0.00012EPSS

Exploits0References4

Patchstack•added 2026/01/24 12:15 a.m.•10 views

WordPress VK Google Job Posting Manager plugin <= 1.2.20 - Authenticated (Author+) Stored Cross-Site Scripting via Job Description Field vulnerability

Authenticated Author+ Stored Cross-Site Scripting via Job Description Field vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin VK Google Job Posting Manager versions = 1.2.20...

6.4CVSS5.4AI score0.00012EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2026/01/24 12:0 a.m.•6 views

PT-2026-4565

6.4CVSS5.8AI score0.00012EPSS

Exploits0References4

Vulnrichment•added 2025/12/12 3:20 a.m.•3 views

CVE-2025-14467 WP Job Portal <= 2.4.4 - Authenticated (Editor+) Stored Cross-Site Scripting via Job Description Field

The WP Job Portal plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.4.4. This is due to the plugin explicitly whitelisting the tag in its WPJOBPORTALALLOWEDTAGS configuration and using insufficient input sanitization when saving job...

4.4CVSS6AI score0.00032EPSS

Exploits0References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by