Lucene search
K

105 matches found

CVE
CVE
added 2025/03/14 4:22 a.m.62 views

CVE-2024-11285

CVE-2024-11285 (WP JobHunt

9.8CVSS9.8AI score0.00402EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/03/14 4:22 a.m.12 views

CVE-2024-11285 WP JobHunt <= 7.1 - Unauthenticated Privilege Escalation via Email Update/Account Takeover

The WP JobHunt plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 7.1. This is due to the plugin not properly validating a user's identity prior to updating their details like email via the accountsettingscallback function. This...

9.8CVSS0.00402EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/03/14 4:22 a.m.9 views

CVE-2024-11285 WP JobHunt <= 7.1 - Unauthenticated Privilege Escalation via Email Update/Account Takeover

The WP JobHunt plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 7.1. This is due to the plugin not properly validating a user's identity prior to updating their details like email via the accountsettingscallback function. This...

9.8CVSS9.8AI score0.00402EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/03/14 12:0 a.m.5 views

WordPress plugin WP JobHunt 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin WP JobHunt...

7.5CVSS7AI score0.00406EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/03/14 12:0 a.m.5 views

WordPress plugin WP JobHunt 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

9.8CVSS8.8AI score0.00496EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/03/14 12:0 a.m.7 views

WordPress plugin WP JobHunt 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

9.8CVSS8.8AI score0.00402EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/03/14 12:0 a.m.5 views

PT-2025-11233 · WordPress · Wp Jobhunt

Name of the Vulnerable Software and Affected Versions: WP JobHunt plugin for WordPress versions up to, and including, 6.9 Description: The issue is related to privilege escalation via account takeover. This is due to the plugin not properly validating a user's identity prior to updating their...

9.8CVSS9.8AI score0.00496EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2025/03/14 12:0 a.m.6 views

PT-2025-11234

Name of the Vulnerable Software and Affected Versions: WP JobHunt plugin for WordPress versions up to, and including, 7.1 Description: The issue is related to privilege escalation via account takeover. This occurs because the plugin does not properly validate a user's identity before updating the...

9.8CVSS7.3AI score0.00402EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2025/03/14 12:0 a.m.5 views

PT-2025-11235 · WordPress · Wp Jobhunt

Name of the Vulnerable Software and Affected Versions: WP JobHunt plugin for WordPress versions up to, and including, 7.1 Description: The issue is related to authentication bypass due to the plugin not properly verifying a user's identity prior to authenticating them through the cs parse request...

9.8CVSS9.6AI score0.00593EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2025/03/14 12:0 a.m.4 views

PT-2025-11232 · WordPress · Wp Jobhunt

Name of the Vulnerable Software and Affected Versions: WP JobHunt plugin for WordPress versions up to, and including, 7.1 Description: The issue is related to authentication bypass. This is due to the wp ajax google api login callback function not properly verifying a user's identity prior to...

7.5CVSS7.9AI score0.00406EPSS
Exploits0References11
CNNVD
CNNVD
added 2025/03/14 12:0 a.m.6 views

WordPress plugin WP JobHunt 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

9.8CVSS8.7AI score0.00593EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/03/13 5:12 p.m.7 views

WordPress WP JobHunt plugin <= 7.1 - Authentication Bypass vulnerability

Authentication Bypass vulnerability discovered by Tonn in WordPress Plugin WP JobHunt versions = 7.1...

9.8CVSS8.8AI score0.00593EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/03/13 5:10 p.m.6 views

WordPress WP JobHunt plugin <= 7.1 - Unauthenticated Privilege Escalation via Password Reset/Account Takeover vulnerability

Unauthenticated Privilege Escalation via Password Reset/Account Takeover vulnerability discovered by Tonn in WordPress Plugin WP JobHunt versions = 7.1...

9.8CVSS8.8AI score0.00496EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/03/13 5:4 p.m.6 views

WordPress WP JobHunt plugin <= 7.1 - Authentication Bypass to Candidate vulnerability

Authentication Bypass to Candidate vulnerability discovered by Tonn in WordPress Plugin WP JobHunt versions = 7.1...

7.5CVSS8.8AI score0.00406EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2019/03/21 4:0 p.m.3 views

CVE-2018-19488

The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the csresetpass function through the admin-ajax.php file, which allows remote unauthenticated attackers to reset the password of a user's account...

9.8CVSS5.8AI score0.04129EPSS
Exploits1References2
NVD
NVD
added 2019/03/21 4:0 p.m.8 views

CVE-2018-19488

The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the csresetpass function through the admin-ajax.php file, which allows remote unauthenticated attackers to reset the password of a user's account...

9.8CVSS9.7AI score0.04129EPSS
Exploits1References2
NVD
NVD
added 2019/03/21 4:0 p.m.19 views

CVE-2018-19487

The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the csemployerajaxprofile function through the admin-ajax.php file, which allows remote unauthenticated attackers to enumerate information about users...

7.5CVSS7.6AI score0.04852EPSS
Exploits1References2
OSV
OSV
added 2019/03/21 4:0 p.m.3 views

CVE-2018-19487

The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the csemployerajaxprofile function through the admin-ajax.php file, which allows remote unauthenticated attackers to enumerate information about users...

7.5CVSS5.8AI score0.04852EPSS
Exploits1References2
Prion
Prion
added 2019/03/21 4:0 p.m.9 views

Default credentials

The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the csresetpass function through the admin-ajax.php file, which allows remote unauthenticated attackers to reset the password of a user's account...

7.5CVSS9.6AI score0.04129EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2019/03/21 4:0 p.m.13 views

Code injection

The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the csemployerajaxprofile function through the admin-ajax.php file, which allows remote unauthenticated attackers to enumerate information about users...

5CVSS7.6AI score0.04852EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder