23 matches found
WordPress WP Job Portal plugin <= 2.2.2 - Missing Authorization to Unauthenticated Arbitrary Resume Download vulnerability
Missing Authorization to Unauthenticated Arbitrary Resume Download vulnerability discovered by thevietronin - GalaxyOne in WordPress Plugin WP Job Portal versions = 2.2.2...
EUVD-2024-34254
Malicious code in bioql PyPI...
EUVD-2024-51562
Malicious code in bioql PyPI...
CVE-2024-11712
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getResumeFileDownloadById function in all versions up to, and including, 2.2.2. This makes it possible for...
CVE-2024-7762
The Simple Job Board WordPress plugin before 2.12.6 does not prevent uploaded files from being listed, allowing unauthenticated users to access and download uploaded resumes...
CVE-2024-7762 Simple Job Board < 2.12.6 - Unauthenticated Resumes Download
The Simple Job Board WordPress plugin before 2.12.6 does not prevent uploaded files from being listed, allowing unauthenticated users to access and download uploaded resumes...
CVE-2024-7762
CVE-2024-7762 affects the WordPress plugin Simple Job Board (versions prior to 2.12.6). The vulnerability arises because the plugin does not prevent listing of uploaded files, allowing unauthenticated users to access and download uploaded resumes. Impact is limited to unauthorized disclosure of u...
CVE-2024-7762 Simple Job Board < 2.12.6 - Unauthenticated Resumes Download
The Simple Job Board WordPress plugin before 2.12.6 does not prevent uploaded files from being listed, allowing unauthenticated users to access and download uploaded resumes...
WordPress WP Job Portal plugin <= 2.2.6 - Insecure Direct Object Reference to Unauthenticated Arbitrary Resume Download vulnerability
Insecure Direct Object Reference to Unauthenticated Arbitrary Resume Download vulnerability discovered by thevietronin in WordPress Plugin WP Job Portal versions = 2.2.6...
CVE-2024-13372
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.6 via the getresumefiledownloadbyid and getallresumefiles functions due to missing validation on a us...
CVE-2024-13372
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.6 via the getresumefiledownloadbyid and getallresumefiles functions due to missing validation on a us...
CVE-2024-13372 WP Job Portal <= 2.2.6 - Insecure Direct Object Reference to Unauthenticated Arbitrary Resume Download
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.6 via the getresumefiledownloadbyid and getallresumefiles functions due to missing validation on a us...
CVE-2024-13372
CVE-2024-13372 affects WordPress WP Job Portal (plugin) up to version 2.2.6. Root cause: missing validation on a user-controlled key in getresumefiledownloadbyid() and getallresumefiles(), enabling unauthenticated download of user resumes (Insecure Direct Object Reference). Exploitation context i...
CVE-2024-13372 WP Job Portal <= 2.2.6 - Insecure Direct Object Reference to Unauthenticated Arbitrary Resume Download
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.6 via the getresumefiledownloadbyid and getallresumefiles functions due to missing validation on a us...
CVE-2024-11712
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getResumeFileDownloadById function in all versions up to, and including, 2.2.2. This makes it possible for...
CVE-2024-11712
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getResumeFileDownloadById function in all versions up to, and including, 2.2.2. This makes it possible for...
CVE-2024-11712 WP Job Portal <= 2.2.2 - Missing Authorization to Unauthenticated Arbitrary Resume Download
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getResumeFileDownloadById function in all versions up to, and including, 2.2.2. This makes it possible for...
PT-2024-17202 · WordPress · Wp Job Portal
Name of the Vulnerable Software and Affected Versions: WP Job Portal – A Complete Recruitment System plugin for WordPress versions up to, and including, 2.2.2 Description: The WP Job Portal plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the...
WordPress plugin WP Job Portal 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin Ninja Job Board 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...