132 matches found
CVE-2024-37928
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in NooTheme Jobmonster allows File Manipulation.This issue affects Jobmonster: from n/a through 4.7.0...
CVE-2024-37928 WordPress Jobmonster theme <= 4.7.0 - Unauthenticated Arbitrary File Deletion vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in NooTheme Jobmonster allows File Manipulation.This issue affects Jobmonster: from n/a through 4.7.0...
CVE-2024-37928 WordPress Jobmonster theme <= 4.7.0 - Unauthenticated Arbitrary File Deletion vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in NooTheme Jobmonster allows File Manipulation.This issue affects Jobmonster: from n/a through 4.7.0...
CVE-2024-37928
CVE-2024-37928 is a Path Traversal vulnerability in Noo JobMonster (WordPress theme) that enables file manipulation. Affected: Jobmonster
CVE-2024-37927 WordPress Jobmonster theme <= 4.7.5 - Unauthenticated Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in NooTheme Jobmonster noo-jobmonster allows Privilege Escalation.This issue affects Jobmonster: from n/a through = 4.7.5...
CVE-2024-37927
CVE-2024-37927 relates to Noo Theme’s JobMonster (noo-jobmonster) WordPress theme. The connected sources confirm an unauthenticated Privilege Escalation due to an Incorrect Privilege Assignment in Jobmonster versions up to 4.7.0 (Some sources list up to 4.7.5). The vulnerability allows an attacke...
CVE-2024-37927 WordPress Jobmonster theme <= 4.7.5 - Unauthenticated Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in NooTheme Jobmonster noo-jobmonster allows Privilege Escalation.This issue affects Jobmonster: from n/a through = 4.7.5...
WordPress plugin Jobmonster security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WordPress plugin Jobmonster path traversal vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...
WordPress Jobmonster theme < 4.7.5 - Unauthenticated Arbitrary File Deletion vulnerability
Unauthenticated Arbitrary File Deletion vulnerability discovered by Dave Jong Patchstack in WordPress Theme Jobmonster versions 4.7.5...
WordPress Jobmonster theme <= 4.7.5 - Unauthenticated Privilege Escalation vulnerability
Unauthenticated Privilege Escalation vulnerability discovered by Dave Jong Patchstack in WordPress Theme Jobmonster versions = 4.7.5...
WordPress Jobmonster Theme < 4.7.5 is vulnerable to Arbitrary File Deletion
Software Jobmonster Type Theme Vulnerable versions 4.7.5 Fixed in 4.7.5 OWASP Top 10 A1: Broken Access Control Classification Arbitrary File Deletion CVE CVE-2024-37928 Patch priority High CVSS severity High 8.6 Developer Claim ownership PSID e4729f48ae0e Credits Dave Jong Patchstack Required...
WordPress Jobmonster Theme <= 4.7.4 is vulnerable to Privilege Escalation
Software Jobmonster Type Theme Vulnerable versions = 4.7.4 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Privilege Escalation CVE CVE-2024-37927 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 2a728f531379 Credits Dave Jong Patchstack Required...
WordPress Noo JobMonster WordPress theme plugin跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress Noo JobMonster WordPress theme plugin has...
WordPress JobMonster Theme plugin information leakage vulnerability
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blogging sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress JobMonster Theme plugin has an informatio...
CVE-2022-1170
In the Noo JobMonster WordPress theme before 4.5.2.9 JobMonster there is a XSS vulnerability as the input for the search form is provided through unsanitized GET requests...
CVE-2022-1170
In the Noo JobMonster WordPress theme before 4.5.2.9 JobMonster there is a XSS vulnerability as the input for the search form is provided through unsanitized GET requests...
CVE-2022-1166
The JobMonster Theme was vulnerable to Directory Listing in the /wp-content/uploads/jobmonster/ folder, as it did not include a default PHP file, or .htaccess file. This could expose personal data such as people's resumes. Although Directory Listing can be prevented by securely configuring the we...
CVE-2022-1166
The JobMonster Theme was vulnerable to Directory Listing in the /wp-content/uploads/jobmonster/ folder, as it did not include a default PHP file, or .htaccess file. This could expose personal data such as people's resumes. Although Directory Listing can be prevented by securely configuring the we...
CVE-2022-1166
The JobMonster Theme was vulnerable to Directory Listing in the /wp-content/uploads/jobmonster/ folder, as it did not include a default PHP file, or .htaccess file. This could expose personal data such as people's resumes. Although Directory Listing can be prevented by securely configuring the we...