Lucene search
+L

132 matches found

NVD
NVD
added 2024/07/12 2:15 p.m.22 views

CVE-2024-37928

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in NooTheme Jobmonster allows File Manipulation.This issue affects Jobmonster: from n/a through 4.7.0...

8.6CVSS0.00589EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/12 2:0 p.m.22 views

CVE-2024-37928 WordPress Jobmonster theme <= 4.7.0 - Unauthenticated Arbitrary File Deletion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in NooTheme Jobmonster allows File Manipulation.This issue affects Jobmonster: from n/a through 4.7.0...

8.6CVSS0.00589EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/12 2:0 p.m.18 views

CVE-2024-37928 WordPress Jobmonster theme <= 4.7.0 - Unauthenticated Arbitrary File Deletion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in NooTheme Jobmonster allows File Manipulation.This issue affects Jobmonster: from n/a through 4.7.0...

8.6CVSS6.8AI score0.00589EPSS
Exploits0References1
CVE
CVE
added 2024/07/12 2:0 p.m.45 views

CVE-2024-37928

CVE-2024-37928 is a Path Traversal vulnerability in Noo JobMonster (WordPress theme) that enables file manipulation. Affected: Jobmonster

8.6CVSS8.6AI score0.00589EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/12 1:59 p.m.32 views

CVE-2024-37927 WordPress Jobmonster theme <= 4.7.5 - Unauthenticated Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in NooTheme Jobmonster noo-jobmonster allows Privilege Escalation.This issue affects Jobmonster: from n/a through = 4.7.5...

9.8CVSS0.00487EPSS
Exploits0References1
CVE
CVE
added 2024/07/12 1:59 p.m.60 views

CVE-2024-37927

CVE-2024-37927 relates to Noo Theme’s JobMonster (noo-jobmonster) WordPress theme. The connected sources confirm an unauthenticated Privilege Escalation due to an Incorrect Privilege Assignment in Jobmonster versions up to 4.7.0 (Some sources list up to 4.7.5). The vulnerability allows an attacke...

9.8CVSS5.9AI score0.00487EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/07/12 1:59 p.m.25 views

CVE-2024-37927 WordPress Jobmonster theme <= 4.7.5 - Unauthenticated Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in NooTheme Jobmonster noo-jobmonster allows Privilege Escalation.This issue affects Jobmonster: from n/a through = 4.7.5...

9.8CVSS5.9AI score0.00487EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/07/12 12:0 a.m.3 views

WordPress plugin Jobmonster security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

9.8CVSS6.9AI score0.00487EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/07/12 12:0 a.m.3 views

WordPress plugin Jobmonster path traversal vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

8.6CVSS6.7AI score0.00589EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/07/09 1:51 p.m.6 views

WordPress Jobmonster theme < 4.7.5 - Unauthenticated Arbitrary File Deletion vulnerability

Unauthenticated Arbitrary File Deletion vulnerability discovered by Dave Jong Patchstack in WordPress Theme Jobmonster versions 4.7.5...

8.6CVSS7AI score0.00589EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/07/09 1:46 p.m.6 views

WordPress Jobmonster theme <= 4.7.5 - Unauthenticated Privilege Escalation vulnerability

Unauthenticated Privilege Escalation vulnerability discovered by Dave Jong Patchstack in WordPress Theme Jobmonster versions = 4.7.5...

9.8CVSS7AI score0.00487EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/07/09 12:0 a.m.13 views

WordPress Jobmonster Theme < 4.7.5 is vulnerable to Arbitrary File Deletion

Software Jobmonster Type Theme Vulnerable versions 4.7.5 Fixed in 4.7.5 OWASP Top 10 A1: Broken Access Control Classification Arbitrary File Deletion CVE CVE-2024-37928 Patch priority High CVSS severity High 8.6 Developer Claim ownership PSID e4729f48ae0e Credits Dave Jong Patchstack Required...

8.6CVSS6.5AI score0.00589EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/07/09 12:0 a.m.9 views

WordPress Jobmonster Theme <= 4.7.4 is vulnerable to Privilege Escalation

Software Jobmonster Type Theme Vulnerable versions = 4.7.4 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Privilege Escalation CVE CVE-2024-37927 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 2a728f531379 Credits Dave Jong Patchstack Required...

9.8CVSS6.5AI score0.00487EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2022/04/07 12:0 a.m.15 views

WordPress Noo JobMonster WordPress theme plugin跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress Noo JobMonster WordPress theme plugin has...

6.1CVSS1.4AI score0.01836EPSS
Exploits1References1
CNVD
CNVD
added 2022/04/07 12:0 a.m.33 views

WordPress JobMonster Theme plugin information leakage vulnerability

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blogging sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress JobMonster Theme plugin has an informatio...

5CVSS1.6AI score0.01528EPSS
Exploits1Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/04/04 4:15 p.m.8 views

CVE-2022-1170

In the Noo JobMonster WordPress theme before 4.5.2.9 JobMonster there is a XSS vulnerability as the input for the search form is provided through unsanitized GET requests...

6.1CVSS6.3AI score0.01836EPSS
Exploits1References4
OSV
OSV
added 2022/04/04 4:15 p.m.4 views

CVE-2022-1170

In the Noo JobMonster WordPress theme before 4.5.2.9 JobMonster there is a XSS vulnerability as the input for the search form is provided through unsanitized GET requests...

6.1CVSS5.8AI score0.01836EPSS
Exploits1References2
OSV
OSV
added 2022/04/04 4:15 p.m.5 views

CVE-2022-1166

The JobMonster Theme was vulnerable to Directory Listing in the /wp-content/uploads/jobmonster/ folder, as it did not include a default PHP file, or .htaccess file. This could expose personal data such as people's resumes. Although Directory Listing can be prevented by securely configuring the we...

5.3CVSS5.8AI score0.01528EPSS
Exploits1References2
NVD
NVD
added 2022/04/04 4:15 p.m.25 views

CVE-2022-1166

The JobMonster Theme was vulnerable to Directory Listing in the /wp-content/uploads/jobmonster/ folder, as it did not include a default PHP file, or .htaccess file. This could expose personal data such as people's resumes. Although Directory Listing can be prevented by securely configuring the we...

5.3CVSS0.01528EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/04/04 4:15 p.m.7 views

CVE-2022-1166

The JobMonster Theme was vulnerable to Directory Listing in the /wp-content/uploads/jobmonster/ folder, as it did not include a default PHP file, or .htaccess file. This could expose personal data such as people's resumes. Although Directory Listing can be prevented by securely configuring the we...

5.3CVSS5.9AI score0.01528EPSS
Exploits1References3
Rows per page
Query Builder