21 matches found
EUVD-2026-15542
Missing Authorization vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Jobs for WordPress: from n/a through = 2.8...
CVE-2026-23806
Missing Authorization vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Jobs for WordPress: from n/a through = 2.8...
CVE-2026-23806
CVE-2026-23806 corresponds to a Missing Authorization / Broken Access Control vulnerability in the WordPress plugin Jobs for WordPress, affecting versions through 2.8. The issue arises from incorrectly configured access control security levels, potentially enabling unauthorized access or actions ...
CVE-2026-23806 WordPress Jobs for WordPress plugin <= 2.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Jobs for WordPress: from n/a through = 2.8...
CVE-2026-23806 WordPress Jobs for WordPress plugin <= 2.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Jobs for WordPress: from n/a through = 2.8...
CVE-2025-68597 WordPress Jobs for WordPress plugin <= 2.8.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Stored XSS.This issue affects Jobs for WordPress: from n/a through = 2.8.1...
WordPress plugin Jobs for WordPress 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
EUVD-2024-16604
Malicious code in bioql PyPI...
CVE-2025-50050
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Stored XSS.This issue affects Jobs for WordPress: from n/a through = 2.7.14...
CVE-2025-50050
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Stored XSS.This issue affects Jobs for WordPress: from n/a through = 2.7.14...
CVE-2025-50050
CVE-2025-50050 concerns WordPress plugin Jobs for WordPress (WordPress plugin: Job Postings) versions up to 2.7.12, with an Stored Cross-Site Scripting (XSS) vulnerability caused by improper input neutralization during web page generation. The CVE is tied to stored XSS in the plugin, which could ...
WordPress plugin Jobs for WordPress 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2025-1310 Jobs for WordPress <= 2.7.11 - Authenticated (Subscriber+) Arbitrary File Read
The Jobs for WordPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.7.11 via the 'jobpostingsgetfile' parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files...
CVE-2025-1310
CVE-2025-1310 affects the WordPress plugin Job Postings (Jobs for WordPress) up to version 2.7.11. Affected component: directory traversal via the job_postings_get_file parameter. Exploitation requires authenticated access at Subscriber level or higher, enabling reading of arbitrary server files ...
WordPress plugin Jobs for WordPress 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...
WordPress Jobs for WordPress plugin < 2.7.8 - Contributor+ Stored XSS vulnerability
Contributor+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin Jobs for WordPress versions 2.7.8...
WordPress plugin Jobs for WordPress 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...
CVE-2024-2833 Jobs for WordPress <= 2.7.5 - Reflected Cross-Site Scripting via job-search
The Jobs for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘job-search’ parameter in all versions up to, and including, 2.7.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitra...
PT-2024-22394 · WordPress · Jobs For Wordpress
Name of the Vulnerable Software and Affected Versions: Jobs for WordPress plugin for WordPress versions up to, and including, 2.7.5 Description: The issue is related to Reflected Cross-Site Scripting via the job-search parameter due to insufficient input sanitization and output escaping. This...
CVE-2024-0820
The Jobs for WordPress plugin before 2.7.4 does not sanitise and escape some parameters, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks...