EUVD-2020-24088

Malware in sbrugna...

EUVD-2025-4033

Malicious code in bioql PyPI...

MAL-2025-44081 Malicious code in duty-indeed-stuck (npm)

The package duty-indeed-stuck was found to contain malicious code...

Malicious code in duty-indeed-stuck (npm)

The package duty-indeed-stuck was found to contain malicious code...

CVE-2020-36634

A vulnerability classified as problematic has been found in Indeed Engineering util up to 1.0.33. Affected is the function visit/appendTo of the file varexport/src/main/java/com/indeed/util/varexport/servlet/ViewExportedVariablesServlet.java. The manipulation leads to cross site scripting. It is...

CVE-2024-13846 Indeed Ultimate Learning Pro <= 3.9 - Authenticated (Administrator+) SQL Injection via post_id Parameter

The Indeed Ultimate Learning Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘postid’ parameter in all versions up to, and including, 3.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes...

CVE-2024-13846 Indeed Ultimate Learning Pro <= 3.9 - Authenticated (Administrator+) SQL Injection via post_id Parameter

The Indeed Ultimate Learning Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘postid’ parameter in all versions up to, and including, 3.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes...

WordPress plugin Indeed Ultimate Learning Pro SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

CVE-2025-25103

Cross-Site Request Forgery CSRF vulnerability in bnielsen Indeed API indeed-api allows Cross Site Request Forgery.This issue affects Indeed API: from n/a through = 0.5...

CVE-2025-25103

Cross-Site Request Forgery CSRF vulnerability in bnielsen Indeed API indeed-api allows Cross Site Request Forgery.This issue affects Indeed API: from n/a through = 0.5...

CVE-2025-25103 WordPress Indeed API Plugin <= 0.5 - CSRF to Settings Change vulnerability

Cross-Site Request Forgery CSRF vulnerability in bnielsen Indeed API allows Cross Site Request Forgery. This issue affects Indeed API: from n/a through 0.5...

CVE-2025-25103 WordPress Indeed API Plugin <= 0.5 - CSRF to Settings Change vulnerability

Cross-Site Request Forgery CSRF vulnerability in bnielsen Indeed API indeed-api allows Cross Site Request Forgery.This issue affects Indeed API: from n/a through = 0.5...

CVE-2025-25103

CVE-2025-25103 describes a CSRF to settings change vulnerability in the WordPress Indeed API Plugin, affecting versions up to 0.5. The issue allows CSRF exploits to alter settings without user consent. Public documentation confirms the affected plugin/version range and the CSRF root cause; patch ...

WordPress plugin Indeed API 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

PT-2025-5932 · Unknown · Bnielsen Indeed Api

Name of the Vulnerable Software and Affected Versions: bnielsen Indeed API versions 0.5 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's account. This is achieved by tricking the user into...

WordPress Indeed API Plugin <= 0.5 - CSRF to Settings Change vulnerability

CSRF to Settings Change vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Indeed API versions = 0.5...

WordPress plugin Indeed Membership Pro 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-10843 · WordPress · Indeed Membership Pro

Name of the Vulnerable Software and Affected Versions: Indeed Membership Pro plugin for WordPress versions 7.3 through 8.6 Description: The Indeed Membership Pro plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on various AJAX actions. This makes it...

EvilProxy Phishing Attack Targets Indeed Job Platform

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new phishing campaign has emerged, specifically targeting high-profile US executives. This campaign takes advantage of open redirects from the jobs platform Indeed and employs EvilProxy to pilfer sessi...

Malicious code in eslint-plugin-indeed (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis cd3cf0dfdda3ea0bf705d385efb05c56b971a408c4a0dceef3771d2e474a33e0 The OpenSSF Package Analysis project identified 'eslint-plugin-indeed' @ 99.99.9 npm as malicious. It is considered malicious because: - The...