EUVD-2021-25690

Malware in sbrugna...

CVE-2022-4061

The JobBoardWP WordPress plugin before 1.2.2 does not properly validate file names and types in its file upload functionalities, allowing unauthenticated users to upload arbitrary files such as PHP...

CVE-2023-23715

Missing Authorization vulnerability in JobBoardWP JobBoardWP – Job Board Listings and Submissions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JobBoardWP – Job Board Listings and Submissions: from n/a through 1.2.2...

CVE-2024-10880

The JobBoardWP – Job Board Listings and Submissions plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 1.3.0. This makes it possible for unauthenticated...

WordPress JobBoardWP plugin <= 1.3.0 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin JobBoardWP – Job Board Listings and Submissions versions = 1.3.0...

PT-2024-16614 · WordPress · Jobboardwp

Name of the Vulnerable Software and Affected Versions: JobBoardWP – Job Board Listings and Submissions plugin for WordPress versions up to, and including, 1.3.0 Description: The issue is related to Reflected Cross-Site Scripting due to the use of add query arg and remove query arg without proper...

CVE-2022-4061

The JobBoardWP WordPress plugin before 1.2.2 does not properly validate file names and types in its file upload functionalities, allowing unauthenticated users to upload arbitrary files such as PHP...

CVE-2022-4061 JobBoardWP < 1.2.2 - Unauthenticated Arbitrary File Upload

The JobBoardWP WordPress plugin before 1.2.2 does not properly validate file names and types in its file upload functionalities, allowing unauthenticated users to upload arbitrary files such as PHP...

PT-2022-25418 · WordPress · Jobboardwp

Name of the Vulnerable Software and Affected Versions: JobBoardWP WordPress plugin versions prior to 1.2.2 Description: The issue allows unauthenticated users to upload arbitrary files, such as PHP, due to improper validation of file names and types in the file upload functionalities...

JobBoardWP < 1.2.2 - Unauthenticated Arbitrary File Upload

The plugin does not properly validate file names and types in its file upload functionalities, allowing unauthenticated users to upload arbitrary files such as PHP. PoC Setup: 1. Install the vulnerable plugin jobboardwp version 1.2.1 2. In the toast message that appears on the plugin's...

CVE-2021-39329 JobBoardWP – Job Board Listings and Submissions <= 1.0.7 Authenticated Stored Cross-Site Scripting

The JobBoardWP WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the /includes/admin/class-metabox.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in...