Lucene search
K

23 matches found

Patchstack
Patchstack
added 2026/02/03 9:19 a.m.7 views

WordPress WP Job Portal plugin <= 2.2.2 - Missing Authorization to Unauthenticated Arbitrary Resume Download vulnerability

Missing Authorization to Unauthenticated Arbitrary Resume Download vulnerability discovered by thevietronin - GalaxyOne in WordPress Plugin WP Job Portal versions = 2.2.2...

5.3CVSS5.4AI score0.00459EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-34254

Malicious code in bioql PyPI...

5.3CVSS8.9AI score0.00459EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-51562

Malicious code in bioql PyPI...

5.3CVSS9.2AI score0.00412EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 7:50 a.m.6 views

CVE-2024-11712

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getResumeFileDownloadById function in all versions up to, and including, 2.2.2. This makes it possible for...

5.3CVSS6.7AI score0.00459EPSS
Exploits0References1
NVD
NVD
added 2025/05/15 8:15 p.m.8 views

CVE-2024-7762

The Simple Job Board WordPress plugin before 2.12.6 does not prevent uploaded files from being listed, allowing unauthenticated users to access and download uploaded resumes...

3.7CVSS0.00344EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/15 8:7 p.m.9 views

CVE-2024-7762 Simple Job Board < 2.12.6 - Unauthenticated Resumes Download

The Simple Job Board WordPress plugin before 2.12.6 does not prevent uploaded files from being listed, allowing unauthenticated users to access and download uploaded resumes...

7.1AI score0.00344EPSS
Exploits1References1
CVE
CVE
added 2025/05/15 8:7 p.m.30 views

CVE-2024-7762

CVE-2024-7762 affects the WordPress plugin Simple Job Board (versions prior to 2.12.6). The vulnerability arises because the plugin does not prevent listing of uploaded files, allowing unauthenticated users to access and download uploaded resumes. Impact is limited to unauthorized disclosure of u...

3.7CVSS6.6AI score0.00344EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/05/15 8:7 p.m.14 views

CVE-2024-7762 Simple Job Board < 2.12.6 - Unauthenticated Resumes Download

The Simple Job Board WordPress plugin before 2.12.6 does not prevent uploaded files from being listed, allowing unauthenticated users to access and download uploaded resumes...

0.00344EPSS
Exploits1References1
Patchstack
Patchstack
added 2025/02/03 10:14 p.m.4 views

WordPress WP Job Portal plugin <= 2.2.6 - Insecure Direct Object Reference to Unauthenticated Arbitrary Resume Download vulnerability

Insecure Direct Object Reference to Unauthenticated Arbitrary Resume Download vulnerability discovered by thevietronin in WordPress Plugin WP Job Portal versions = 2.2.6...

5.3CVSS7AI score0.00412EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/02/01 8:15 a.m.3 views

CVE-2024-13372

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.6 via the getresumefiledownloadbyid and getallresumefiles functions due to missing validation on a us...

5.3CVSS5.8AI score0.00412EPSS
Exploits0References2
NVD
NVD
added 2025/02/01 8:15 a.m.26 views

CVE-2024-13372

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.6 via the getresumefiledownloadbyid and getallresumefiles functions due to missing validation on a us...

5.3CVSS0.00412EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/02/01 7:21 a.m.7 views

CVE-2024-13372 WP Job Portal <= 2.2.6 - Insecure Direct Object Reference to Unauthenticated Arbitrary Resume Download

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.6 via the getresumefiledownloadbyid and getallresumefiles functions due to missing validation on a us...

5.3CVSS5.2AI score0.00412EPSS
Exploits0References2
CVE
CVE
added 2025/02/01 7:21 a.m.61 views

CVE-2024-13372

CVE-2024-13372 affects WordPress WP Job Portal (plugin) up to version 2.2.6. Root cause: missing validation on a user-controlled key in getresumefiledownloadbyid() and getallresumefiles(), enabling unauthenticated download of user resumes (Insecure Direct Object Reference). Exploitation context i...

5.3CVSS5.2AI score0.00412EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/02/01 7:21 a.m.25 views

CVE-2024-13372 WP Job Portal <= 2.2.6 - Insecure Direct Object Reference to Unauthenticated Arbitrary Resume Download

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.6 via the getresumefiledownloadbyid and getallresumefiles functions due to missing validation on a us...

5.3CVSS0.00412EPSS
Exploits0References2
OSV
OSV
added 2024/12/14 7:15 a.m.4 views

CVE-2024-11712

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getResumeFileDownloadById function in all versions up to, and including, 2.2.2. This makes it possible for...

5.3CVSS7.3AI score0.00459EPSS
Exploits0References4
NVD
NVD
added 2024/12/14 7:15 a.m.17 views

CVE-2024-11712

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getResumeFileDownloadById function in all versions up to, and including, 2.2.2. This makes it possible for...

5.3CVSS0.00459EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/12/14 6:45 a.m.10 views

CVE-2024-11712 WP Job Portal <= 2.2.2 - Missing Authorization to Unauthenticated Arbitrary Resume Download

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getResumeFileDownloadById function in all versions up to, and including, 2.2.2. This makes it possible for...

5.3CVSS6.8AI score0.00459EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/12/14 12:0 a.m.4 views

PT-2024-17202 · WordPress · Wp Job Portal

Name of the Vulnerable Software and Affected Versions: WP Job Portal – A Complete Recruitment System plugin for WordPress versions up to, and including, 2.2.2 Description: The WP Job Portal plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the...

5.3CVSS7.2AI score0.00459EPSS
Exploits0References12
CNNVD
CNNVD
added 2024/12/14 12:0 a.m.6 views

WordPress plugin WP Job Portal 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.3CVSS8.3AI score0.00459EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/08/22 12:0 a.m.5 views

WordPress plugin Ninja Job Board 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

7.5CVSS7.3AI score0.03158EPSS
Exploits2References3
Rows per page
Query Builder