3 matches found
WordPress WP JobSearch <1.5.1 - Cross-Site Scripting
WordPress WP JobSearch plugin prior to 1.5.1 contains a cross-site scripting vulnerability. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch...
CVE-2022-1168
The connected Nuclei template confirms a Cross-Site Scripting (XSS) vulnerability in WordPress WP JobSearch plugin versions prior to 1.5.1. The flaw allows an attacker to inject arbitrary JavaScript in the victim’s browser within the context of the affected site, potentially stealing session cook...
CVE-2022-1168 JobSearch < 1.5.1 - Unauthenticated Reflected Cross-Site Scripting (XSS)
There is a Cross-Site Scripting vulnerability in the JobSearch WP JobSearch WordPress plugin before 1.5.1...