Lucene search
K

42 matches found

NVD
NVD
added 2026/06/26 3:16 p.m.9 views

CVE-2026-57653

Contributor SQL Injection in WP Job Portal = 2.5.2 versions...

8.5CVSS0.00211EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:53 p.m.16 views

CVE-2026-57653

CVE-2026-57653 describes a SQL Injection vulnerability in the WordPress plugin WP Job Portal (versions

8.5CVSS5.8AI score0.00211EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 8:19 p.m.10 views

EUVD-2026-36855

Subscriber Cross Site Scripting XSS in WP Job Portal = 2.5.2 versions...

6.5CVSS5.1AI score0.00205EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.10 views

CVE-2026-42685

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ahmad WP Job Portal allows Reflected XSS. This issue affects WP Job Portal: from n/a through 2.5.1...

7.1CVSS5.4AI score0.00146EPSS
Exploits0References1
NVD
NVD
added 2026/06/02 12:16 p.m.14 views

CVE-2026-42684

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ahmad WP Job Portal allows Blind SQL Injection. This issue affects WP Job Portal: from n/a through 2.5.1...

9.3CVSS0.00299EPSS
Exploits0References1
CVE
CVE
added 2026/06/02 10:43 a.m.22 views

CVE-2026-42685

The CVE-2026-42685 entry concerns the WordPress plugin WP Job Portal (versions up to 2.5.1). The issue is a Reflected Cross-Site Scripting (XSS) vulnerability caused by improper neutralization of input during page generation. Affected product: WP Job Portal. Root cause: insufficient input handlin...

7.1CVSS5.8AI score0.00146EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/02 10:43 a.m.12 views

CVE-2026-42685

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ahmad WP Job Portal allows Reflected XSS. This issue affects WP Job Portal: from n/a through 2.5.1...

7.1CVSS5.8AI score0.00146EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/02 10:43 a.m.11 views

CVE-2026-42685 WordPress WP Job Portal plugin <= 2.5.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ahmad WP Job Portal allows Reflected XSS. This issue affects WP Job Portal: from n/a through 2.5.1...

7.1CVSS5.8AI score0.00146EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.18 views

PT-2026-45735

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ahmad WP Job Portal allows Blind SQL Injection. This issue affects WP Job Portal: from n/a through 2.5.1...

9.3CVSS5.8AI score0.00299EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/25 11:26 p.m.11 views

CVE-2026-4758 WP Job Portal <= 2.4.9 - Authenticated (Subscriber+) Arbitrary File Deletion via Resume Custom File Field

The WP Job Portal plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'WPJOBPORTALcustomfields::removeFileCustom' function in all versions up to, and including, 2.4.9. This makes it possible for authenticated attackers, with Subscriber-lev...

8.8CVSS6.6AI score0.0078EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.4 views

PT-2026-28149

The WP Job Portal plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'WPJOBPORTALcustomfields::removeFileCustom' function in all versions up to, and including, 2.4.9. This makes it possible for authenticated attackers, with Subscriber-lev...

8.8CVSS6.6AI score0.0078EPSS
Exploits0References4
NVD
NVD
added 2026/02/20 4:22 p.m.10 views

CVE-2026-24941

Missing Authorization vulnerability in wpjobportal WP Job Portal wp-job-portal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Portal: from n/a through = 2.4.4...

7.5CVSS0.00248EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/20 3:47 p.m.6 views

CVE-2026-24941

Missing Authorization vulnerability in wpjobportal WP Job Portal wp-job-portal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Portal: from n/a through = 2.4.4...

7.5CVSS5.6AI score0.00248EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/20 12:0 a.m.8 views

WordPress plugin WP Job Portal 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

7.5CVSS5.8AI score0.00248EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/20 12:0 a.m.14 views

PT-2026-21228

Name of the Vulnerable Software and Affected Versions WP Job Portal versions through 2.4.4 Description The WP Job Portal software contains a flaw related to incorrectly configured access control security levels, potentially allowing unauthorized access. The issue is a missing authorization check...

7.5CVSS5.5AI score0.00248EPSS
Exploits0References4
NVD
NVD
added 2026/01/22 5:16 p.m.7 views

CVE-2026-24379

Authorization Bypass Through User-Controlled Key vulnerability in wpjobportal WP Job Portal wp-job-portal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Portal: from n/a through = 2.4.3...

6.5CVSS0.00234EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/22 4:52 p.m.4 views

CVE-2026-24379

Authorization Bypass Through User-Controlled Key vulnerability in wpjobportal WP Job Portal wp-job-portal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Portal: from n/a through = 2.4.3...

9.1CVSS5.3AI score0.00234EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/12/31 12:0 a.m.10 views

WordPress WP Job Portal plugin <= 2.2.6 - Insecure Direct Object Reference to Authenticated (Employer+) Arbitrary Job Deletion vulnerability

Insecure Direct Object Reference to Authenticated Employer+ Arbitrary Job Deletion vulnerability discovered by thevietronin - GalaxyOne in WordPress Plugin WP Job Portal versions = 2.2.6...

4.3CVSS5.4AI score0.00342EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2025/12/16 12:0 a.m.3 views

WordPress Wp Job Portal Arbitrary File Read Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. An arbitrary file read vulnerability exists in WordPress Wp Job Portal, which stems from improper handling of the downloadCustomUploadedFile function, and can be exploited ...

6.5CVSS6.6AI score0.00319EPSS
Exploits0References1
CVE
CVE
added 2025/12/11 8:22 p.m.30 views

CVE-2025-14293

CVE-2025-14293 : WP Job Portal for WordPress suffers an Authenticated Arbitrary File Read in all versions up to 2.4.0 via the downloadCustomUploadedFile function. Exploitation requires Subscriber+ level access . Impact is exposure of sensitive server files; the Wordfence vulnerability report list...

6.5CVSS5.5AI score0.00319EPSS
Exploits0References3
Rows per page
Query Builder