Lucene search
K

176 matches found

Nuclei
Nuclei
added yesterday55 views

WordPress Job Portal < 2.0.6 - SQL Injection

The WP Job Portal WordPress plugin before 2.0.6 does not sanitise and escape the city parameter before using it in a SQL statement,leading to a SQL injection vulnerability that is exploitable by unauthenticated users. This vulnerability can be used to extractsensitive data from the database or...

9.8CVSS7AI score0.03096EPSS
Exploits2References2
ATTACKERKB
ATTACKERKB
added 2026/06/26 2:53 p.m.5 views

CVE-2026-57653

Contributor SQL Injection in WP Job Portal = 2.5.2 versions...

8.5CVSS5.8AI score0.00211EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 9:17 p.m.9 views

CVE-2026-48880

Subscriber Cross Site Scripting XSS in WP Job Portal = 2.5.2 versions...

6.5CVSS0.00205EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:19 p.m.19 views

CVE-2026-48880

WP Job Portal (WordPress) plugin

6.5CVSS5.1AI score0.00205EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:19 p.m.31 views

CVE-2026-48880 WordPress WP Job Portal plugin <= 2.5.2 - Cross Site Scripting (XSS) vulnerability

Subscriber Cross Site Scripting XSS in WP Job Portal = 2.5.2 versions...

6.5CVSS0.00205EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.23 views

PT-2026-49485

Name of the Vulnerable Software and Affected Versions WP Job Portal versions prior to 2.5.3 Description Cross Site Scripting XSS exists in the plugin, allowing users with the Subscriber role to execute malicious scripts in the browser of other users. Recommendations Update to a version newer than...

6.5CVSS5.9AI score0.00205EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/02 10:42 a.m.9 views

CVE-2026-42684

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ahmad WP Job Portal allows Blind SQL Injection. This issue affects WP Job Portal: from n/a through 2.5.1...

9.3CVSS5.8AI score0.00299EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.10 views

PT-2026-45736

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ahmad WP Job Portal allows Reflected XSS. This issue affects WP Job Portal: from n/a through 2.5.1...

7.1CVSS5.8AI score0.00146EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.7 views

WordPress plugin WP Job Portal 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.1CVSS4.7AI score0.00146EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/03/30 8:1 a.m.4 views

WordPress WP Job Portal plugin <= 2.4.9 - Authenticated (Subscriber+) Arbitrary File Deletion via Resume Custom File Field vulnerability

Authenticated Subscriber+ Arbitrary File Deletion via Resume Custom File Field vulnerability discovered by daroo in WordPress Plugin WP Job Portal versions = 2.4.9...

8.8CVSS5.9AI score0.0078EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/27 4:59 a.m.4 views

CVE-2026-4758

The WP Job Portal plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'WPJOBPORTALcustomfields::removeFileCustom' function in all versions up to, and including, 2.4.9. This makes it possible for authenticated attackers, with Subscriber-lev...

8.8CVSS6.6AI score0.0078EPSS
Exploits0References1
NVD
NVD
added 2026/03/26 12:16 a.m.3 views

CVE-2026-4758

The WP Job Portal plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'WPJOBPORTALcustomfields::removeFileCustom' function in all versions up to, and including, 2.4.9. This makes it possible for authenticated attackers, with Subscriber-lev...

8.8CVSS0.0078EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/25 11:26 p.m.28 views

CVE-2026-4758 WP Job Portal <= 2.4.9 - Authenticated (Subscriber+) Arbitrary File Deletion via Resume Custom File Field

The WP Job Portal plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'WPJOBPORTALcustomfields::removeFileCustom' function in all versions up to, and including, 2.4.9. This makes it possible for authenticated attackers, with Subscriber-lev...

8.8CVSS0.0078EPSS
Exploits0References3
CVE
CVE
added 2026/03/25 11:26 p.m.10 views

CVE-2026-4758

The CVE-2026-4758 entry concerns the WordPress plugin WP Job Portal . Affected versions include all up to and including 2.4.9 , where insufficient file path validation in the function WPJOBPORTALcustomfields::removeFileCustom enables an authenticated user with at least Subscriber-level access to ...

8.8CVSS6.6AI score0.0078EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/03/24 6:13 p.m.7 views

WordPress WP Job Portal plugin <= 2.4.8 - Unauthenticated SQL Injection via 'radius' Parameter vulnerability

Unauthenticated SQL Injection via 'radius' Parameter vulnerability discovered by Leonid Semenenko lsemenenko in WordPress Plugin WP Job Portal versions = 2.4.8...

7.5CVSS5.9AI score0.00409EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/23 10:25 p.m.5 views

CVE-2026-4306

The WP Job Portal plugin for WordPress is vulnerable to SQL Injection via the 'radius' parameter in all versions up to, and including, 2.4.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

7.5CVSS5.9AI score0.00409EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/02/21 7:29 p.m.5 views

CVE-2026-24941

Missing Authorization vulnerability in wpjobportal WP Job Portal wp-job-portal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Portal: from n/a through = 2.4.4...

7.5CVSS5.6AI score0.00248EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/01/24 1:27 p.m.12 views

WordPress WP Job Portal plugin <= 2.4.3 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Nabil Irawan in WordPress Plugin WP Job Portal versions = 2.4.3...

9.1CVSS5.9AI score0.00234EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/23 9:15 p.m.7 views

CVE-2026-24379

Authorization Bypass Through User-Controlled Key vulnerability in wpjobportal WP Job Portal wp-job-portal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Portal: from n/a through = 2.4.3...

6.5CVSS5.4AI score0.00234EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.10 views

PT-2026-4264

Authorization Bypass Through User-Controlled Key vulnerability in wpjobportal WP Job Portal wp-job-portal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Portal: from n/a through = 2.4.3...

5.4AI score0.00234EPSS
Exploits0References2
Rows per page
Query Builder